ABB Ability Camera Connect
Act Now · CVSS 9.8 · ICS-CERT ICSA-26-146-05 · Nov 27, 2025
ABB
Attack path
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
ABB Ability Camera Connect versions 1.5.0.14 and earlier ship with a vulnerable third-party component: VLC Media Player version 2.2.4. This outdated VLC version contains multiple memory corruption vulnerabilities (buffer overflow, integer overflow, use-after-free) that could allow remote attackers to execute arbitrary code without authentication. The vulnerabilities affect the media processing functionality of Camera Connect and could compromise system integrity, confidentiality, and availability.
What this means
What could happen
An attacker with network access to Camera Connect could exploit VLC vulnerabilities to execute arbitrary code on the system, potentially compromising the camera system and gaining access to video streams or the underlying network.
Who's at risk
Organizations operating ABB Ability Camera Connect for video surveillance in industrial facilities, energy utilities, water treatment plants, or manufacturing. This includes any deployment using version 1.5.0.14 or earlier where the system is reachable over the network.
How it could be exploited
An attacker sends a specially crafted input (file, URL, or network packet) to the Camera Connect system. The bundled VLC media player (version 2.2.4) processes the input and triggers a buffer overflow or memory corruption vulnerability, allowing the attacker to execute arbitrary commands on the device.
Prerequisites
- Network access to Camera Connect interface and associated media handling ports
- Camera Connect version 1.5.0.14 or earlier deployed with VLC 2.2.4 still in use
Risk factors: remotely exploitable; no authentication required; low complexity; high EPSS score (73.8%); affects safety-critical visual monitoring systems
Exploitability
Likely to be exploited — EPSS score 73.8%
Metasploit module available — weaponized exploit
Affected products (1)
Product | Affected Versions | Fix Status
Ability Camera Connect | ≤ 1.5.0.14 | 1.5.0.15
Remediation & Mitigation
Do now
- WORKAROUND: If immediate patching is not feasible, update the bundled VLC Media Player component to the latest version independently
- HARDENING: Restrict network access to Camera Connect management and streaming interfaces to trusted engineering networks only
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HOTFIX: Update ABB Ability Camera Connect to version 1.5.0.15 or later
CVEs (22)