4HZM000603 — Vulnetix

4HZM000603 PUBLISHED CVSS 8 HIGH

ABB is aware of public reports of vulnerabilities in a 3rd party component VLC media player Version 2.2.4 which was delivered together with the installation package of Camera Connect Version 1.5.0.14 and below. An update is available that resolves a privately reported outdated 3rd party component with vulnerabilities in the product versions listed as affected in this advisory. An attacker who successfully exploited any of these vulnerabilities in the 3rd party component could potentially compromise the system in different ways.

Risk Scores

CVSS 3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:F/RL:T/RC:C

Affected Products

Vendor	Product	Versions
	ABB Ability Camera Connect <=1.5.0.14
	ABB Ability Camera Connect 1.5.0.15

Exploit Intelligence

https://search.abb.com/library/Download.aspx?DocumentID=4HZM000603&LanguageCode=en&DocumentPartId=&Action=Launch (circl)
https://psirt.abb.com/csaf/2025/4hzm000603.json (circl)
rules.yar (github-yara)

Timeline

Apr 28, 2025 PoC Published
Nov 27, 2025 CVE Published
Nov 28, 2025 CVE Updated

References

Open in Interactive Console →