ABB Ability Camera Connect
ABB Ability Camera Connect has multiple vulnerabilities due to an outdated VLC media player.
Summary
ABB Ability Camera Connect versions 1.5.0.14 and below are affected by multiple vulnerabilities due to an outdated VLC media player component. Exploitation of these vulnerabilities could lead to system compromise, but the risk is mitigated by the product's deployment in isolated, air-gapped environments. ABB has released version 1.5.0.15 to address these issues and recommends updating VLC Media Player.
Full text
ICS Advisory
ABB Ability Camera Connect
Release Date: May 26, 2026
Alert Code: ICSA-26-146-05
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems

Summary
ABB is aware of public reports of vulnerabilities in a 3rd party component VLC media player Version 2.2.4 which was delivered together with the installation package of Camera Connect Version 1.5.0.14 and below. An update is available that resolves a privately reported outdated 3rd party component with vulnerabilities in the product versions listed as affected in this advisory. An attacker who successfully exploited any of these vulnerabilities in the 3rd party component could potentially compromise the system in different ways.

The following versions of ABB Ability Camera Connect are affected:
Ability Camera Connect vers:intdot/<=1.5.0.14, 1.5.0.15

CVSS: v3 9.8
Vendor: ABB
Equipment: ABB Ability Camera Connect
Vulnerabilities: Heap-based Buffer Overflow, Integer Underflow (Wrap or Wraparound), Out-of-bounds Write, Uncontrolled Search Path Element, Integer Overflow or Wraparound, Off-by-one Error, Out-of-bounds Read, Double Free, Improper Restriction of Operations within the Bounds of a Memory Buffer, Use After Free

Background
Critical Infrastructure Sectors: Chemical, Commercial Facilities, Communications, Critical Manufacturing, Energy, Transportation Systems
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Switzerland

Vulnerabilities

CVE-2024-46461
VLC media player 3.0.20 and earlier is vulnerable to denial of service through an integer overflow which could be triggered with a maliciously crafted mms stream (heap based overflow). If successful, a malicious third party could trigger either a crash of VLC or an arbitrary code execution with the target user's privileges.
Affected Products
ABB Ability Camera Connect
Vendor: ABB
Product Version: ABB Ability Camera Connect <=1.5.0.14
Product Status: fixed, known_affected

Remediations
Mitigation: The VLC-based component operates solely within completely isolated environments without internet access or any connectivity to external networks. Consequently:
• No exposure to untrusted MMS streams: The integer overflow vulnerability relies on handling a maliciously crafted external stream, which is not possible in isolated environments.
• No remote attacker access: Without network ingress, attackers cannot trigger the vulnerability remotely.
• Drastically reduced attack surface: The absence of any external media inputs effectively neutralizes the exploit path, significantly lowering the risk of both denial of service and code execution.
Vendor fix: The problem is corrected in the following product versions: ABB Ability Camera Connect 1.5.0.15
The 3rd party component has already been updated. The easiest path to mitigate the problem is an update of just VLC Media Player by the customer. ABB recommends that customers apply the update at earliest convenience. It is also possible to update to the latest Version of Camera Connect.

Relevant CWE: CWE-122 Heap-based Buffer Overflow

Metrics
CVSS Version: 3.1
Base Score: 8
Base Severity: HIGH
Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:F/RL:T/RC:C

CVE-2023-47360
Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length.

Affected Products
ABB Ability Camera Connect
Vendor: ABB
Product Version: ABB Ability Camera Connect <=1.5.0.14
Product Status: fixed, known_affected

Remediations
Mitigation:
• Air-gapped environments only: Camera Connect is deployed in completely isolated environments lacking any network connectivity or internet access.
• No exposure to MMS streams: The vulnerability depends on processing crafted MMS streams, which cannot originate from external or internal network sources when the system is air-gapped.
• Elimination of remote attack surface: Without any method for an attacker to deliver malicious media inputs, the vulnerability cannot be triggered remotely.
• Strong reduction in exploitation risk: The combined absence of external media ingestion and unavailable network paths effectively neutralizes the integer underflow exploit, significantly reducing the likelihood of both denial-of-service and memory corruption scenarios.
Vendor fix: The problem is corrected in the following product versions: ABB Ability Camera Connect 1.5.0.15
The 3rd party component has already been updated. The easiest path to mitigate the problem is an update of just VLC Media Player by the customer. ABB recommends that customers apply the update at earliest convenience. It is also possible to update to the latest Version of Camera Connect.

Relevant CWE: CWE-191 Integer Underflow (Wrap or Wraparound)

Metrics
CVSS Version: 3.1
Base Score: 7.5
Base Severity: HIGH
Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2023-47359
Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.

Affected Products
ABB Ability Camera Connect
Vendor: ABB
Product Version: ABB Ability Camera Connect <=1.5.0.14
Product Status: fixed, known_affected

Remediations
Mitigation: Given that Camera Connect is deployed exclusively in fully isolated, air-gapped environments with no internet access or external network connectivity, the following risk-reduction factors apply:
• No exposure to crafted MMS streams: The exploit requires the receipt of specially crafted packets via the MMS protocol, which cannot occur without network connectivity.
• Network attack vector eliminated: As the vulnerability’s CVSS vector highlights a network-based attack (AV:N), the lack of any ingress network path nullifies the attack surface.
• Low likelihood of exploitation: Without access to malicious media input, there is effectively no practical method for an attacker to trigger memory corruption, making the likelihood of denial of service or arbitrary code execution negligible.
Vendor fix: The problem is corrected in the following product versions: ABB Ability Camera Connect 1.5.0.15
The 3rd party component has already been updated. The easiest path to mitigate the problem is an update of just VLC Media Player by the customer. ABB recommends that customers apply the update at earliest convenience. It is also possible to update to the latest Version of Camera Connect.

Relevant CWE: CWE-787 Out-of-bounds Write

Metrics
CVSS Version: 3.1
Base Score: 9.8
Base Severity: CRITICAL
Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2023-46814
A binary hijacking vulnerability exists within the VideoLAN VLC media player before 3.0.19 on Windows. The uninstaller attempts to execute code with elevated privileges out of a standard user writable location. Standard users may use this to gain arbitrary code execution as SYSTEM.

Affected Products
ABB Ability Camera Connect
Vendor: ABB
Product Version: ABB Ability Camera Connect <=1.5.0.14
Product Status: fixed, known_affected

Remediations
Mitigation: Given that the VLC-based component is installed exclusively within air-gapped environments under strict administrative control, the following factors substantially reduce risk:
• Restricted user access: Only trusted, privileged users perform installations and modifications. Standard users have no write permissions to the uninstaller directory.
• No internet or network access: The exploit requires local manipulation of VLC’s uninstaller files; without external connectivity, remote coercion or manipulation is impossible.
• Elimination of attacker vector: In air-gapped deployments with administrative controls, unprivileged users cannot place malicious DLLs or executables in the uninstaller’s search path.
• Minimized privilege escalation risk: The combination of controlled write access, absence of network exposure, and trusted user roles effectively neutralizes the binary hijacking threat, rendering succ
Indicators of Compromise
- cve — CVE-2024-46461
- cve — CVE-2023-47360
- cve — CVE-2023-47359
- cve — CVE-2023-46814
- cve — CVE-2022-41325
- cve — CVE-2020-26664
- cve — CVE-2019-19721
- cve — CVE-2019-13962
- cve — CVE-2019-13615
- cve — CVE-2019-13602
- cve — CVE-2019-5460
- cve — CVE-2019-5459
- cve — CVE-2019-5439
- cve — CVE-2018-11529
- cve — CVE-2017-17670
- cve — CVE-2017-10699
- cve — CVE-2017-9301
- cve — CVE-2017-9300
- cve — CVE-2017-8313
- cve — CVE-2017-8312
- cve — CVE-2017-8311
- cve — CVE-2017-8310