ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (SQLite 3.2.4)

Act Now | CVSS 9.8 | 4hzm000604 | Mar 26, 2026
ABB
Attack path
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

ABB Ability Camera Connect versions 2.0.0.42 and below bundle SQLite 3.2.4, which contains multiple vulnerabilities in the FTS3 (full-text search) session extension module. These vulnerabilities include buffer overflows, integer overflows, null pointer dereferences, and improper input validation affecting the SQLite C API. The vulnerabilities are present in the bundled SQLite library but are not exploitable in normal Camera Connect operation because the product does not use the vulnerable FTS3 session extension functionality, requires adjacent network access, and implements authentication controls. The vendor has released a patched version that updates the bundled SQLite component.

What this means
What could happen
An attacker with access to the same network segment and low-privilege credentials could theoretically trigger memory corruption in the bundled SQLite library, potentially compromising the Camera Connect system and any data it manages. However, this risk is significantly mitigated because Camera Connect does not use the vulnerable FTS3 session extension functionality in normal operation.
Who's at risk
Organizations operating ABB Ability Camera Connect systems used in industrial facilities (power generation, water/wastewater treatment, manufacturing, oil and gas) should assess whether they are running version 2.0.0.42 or earlier. This product is typically used for remote visual monitoring and process documentation in OT environments.
How it could be exploited
An attacker would need adjacent network access (same local network) and valid low-privilege credentials to access Camera Connect. They would then need to craft specific database operations that invoke the vulnerable FTS3 session extension code with malformed input designed to trigger buffer or integer overflow conditions in the C API layer. This is difficult in practice because Camera Connect accesses SQLite through higher-level query interfaces that do not expose the vulnerable C API directly.
Prerequisites
  • Adjacent network access (same local network segment)
  • Valid low-privilege Camera Connect credentials
  • Ability to issue crafted database queries that target the FTS3 session extension
  • CVSS 9.8 (critical): high severity rating
  • EPSS 51.9% (medium-high exploit probability)
  • Multiple memory safety vulnerabilities in bundled component
  • Requires adjacent network and valid credentials (barriers to exploitation)
Exploitability
Likely to be exploited — EPSS score 51.9%
Public Proof-of-Concept (PoC) on GitHub (2 repositories)
Affected products (1)
Product: Ability Camera Connect <=2.0.0.42
Affected Versions: ≤ 2.0.0.42
Fix Status: 2.0.0.49
Remediation & Mitigation
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update ABB Ability Camera Connect to version 2.0.0.49 or later
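
To support the version assessment and update described above, the following added example (not part of the advisory or any ABB tooling) triages an asset inventory against the affected and fixed versions stated on this page. The CSV layout, hostnames and status labels are assumptions made for illustration.

```python
import csv
import io

AFFECTED_MAX = (2, 0, 0, 42)   # advisory: versions 2.0.0.42 and below are affected
FIXED_MIN = (2, 0, 0, 49)      # advisory: fixed in 2.0.0.49 or later

# Constructed sample inventory; hostnames and column names are assumptions.
SAMPLE_INVENTORY = """host,camera_connect_version
cc-plant-a,2.0.0.42
cc-plant-b,2.0.0.49
cc-plant-c,1.9.3.7
cc-lab-01,2.0.0.45
cc-lab-02,2.0.1
cc-old-hmi,unknown
"""


def parse_version(text):
    """Return a 4-part integer tuple, or None if the string is not a dotted version."""
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 4:
        return None
    if not all(p.isascii() and p.isdigit() for p in parts):
        return None
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (4 - len(nums)))  # pad "2.0.1" to (2, 0, 1, 0)


def classify(version_text):
    """Map an installed version string to a triage status."""
    version = parse_version(version_text)
    if version is None:
        return "UNKNOWN"    # unparseable: confirm the version on the host itself
    if version <= AFFECTED_MAX:
        return "AFFECTED"   # bundles the vulnerable SQLite component
    if version >= FIXED_MIN:
        return "FIXED"
    return "UNLISTED"       # between .42 and .49: the page lists neither; update anyway


def triage(inventory_csv):
    """Return {host: status} for every row of the inventory."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["host"]: classify(r["camera_connect_version"]) for r in rows}


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:12} {status}")
```

Hosts reported as UNKNOWN or UNLISTED should be checked manually and scheduled for the same update as AFFECTED hosts.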