CVE-2024-11477 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-11477 PUBLISHED CVSS 7.800000190734863 HIGH

This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability

EPSS 38.07% · 97.2th percentile

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

EPSS Score

38.07%

97.2th percentile

Affected Products

Vendor	Product	Versions
ABB	ABB 800xA for AC 870P Melody <=6.2
ABB	ABB Batch Management <=6.2
ABB	ABB Production Response Batch History <=6.2
ABB	ABB 800xA History <=7.0
ABB	ABB 800xA for Symphony Plus Harmony <=6.2
ABB	ABB Application Change Management <=6.2

Timeline

Nov 20, 2024 PoC Published
Nov 20, 2024 CVE Published
Nov 23, 2024 EPSS Score
Nov 25, 2024 PoC Published
Nov 25, 2024 PoC Published
Nov 25, 2024 PoC Published
Nov 25, 2024 PoC Published
Nov 27, 2024 PoC Published
Dec 24, 2024 PoC Published
Dec 28, 2024 EPSS Score
Jan 3, 2025 PoC Published
Jan 3, 2025 PoC Published

References

https://psirt.abb.com/csaf/2026/7paa023732.json advisory
https://search.abb.com/library/Download.aspx?DocumentID=7PAA023732&LanguageCode=en&DocumentPartId=&Action=Launch advisory
https://library.abb.com/d/3BDS011222D7000 advisory
https://library.abb.com/d/3BSE034463D7000 advisory
https://library.abb.com/d/3BSE037410D7000 advisory
https://library.abb.com/d/3BSE080520D7000 advisory
https://nvd.nist.gov/vuln/detail/CVE-2024-11477 advisory

Open in Interactive Console →