Details of VAR-202405-1487

ID

VAR-202405-1487

CVE

CVE-2024-1913

TITLE

ABB of Robotware Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2024-029660

DESCRIPTION

An attacker who successfully exploited these vulnerabilities could cause the robot to stop, make the robot controller inaccessible, or execute arbitrary code. The vulnerability could potentially be exploited to perform unauthorized actions by an attacker. This vulnerability arises under specific condition when specially crafted message is processed by the system. Below are reported vulnerabilities in the Robot Ware versions. * IRC5- RobotWare 6 < 6.15.06 except 6.10.10, and 6.13.07 * OmniCore- RobotWare 7 < 7.14 . ABB of Robotware Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2024-1913 // JVNDB: JVNDB-2024-029660

AFFECTED PRODUCTS

vendor:	abb	model:	robotware	scope:	gte	version:	7.00	Trust: 1.0
vendor:	abb	model:	robotware	scope:	gte	version:	6.0.0	Trust: 1.0
vendor:	abb	model:	robotware	scope:	lt	version:	6.15.06	Trust: 1.0
vendor:	abb	model:	robotware	scope:	gt	version:	6.10.10	Trust: 1.0
vendor:	abb	model:	robotware	scope:	lt	version:	6.13.07	Trust: 1.0
vendor:	abb	model:	robotware	scope:	lt	version:	6.10.10	Trust: 1.0
vendor:	abb	model:	robotware	scope:	lt	version:	7.14	Trust: 1.0
vendor:	abb	model:	robotware	scope:	gt	version:	6.13.07	Trust: 1.0
vendor:	abb	model:	robotware	scope:	eq	version:	7.00 that's all 7.14	Trust: 0.8
vendor:	abb	model:	robotware	scope:	-	version:	-	Trust: 0.8
vendor:	abb	model:	robotware	scope:	eq	version:	6.13.07 greater than 6.15.06	Trust: 0.8
vendor:	abb	model:	robotware	scope:	eq	version:	-	Trust: 0.8
vendor:	abb	model:	robotware	scope:	eq	version:	6.10.10 greater than 6.13.07	Trust: 0.8
vendor:	abb	model:	robotware	scope:	eq	version:	6.0.0 that's all 6.10.10	Trust: 0.8

sources: JVNDB: JVNDB-2024-029660 // NVD: CVE-2024-1913

CVSS

SEVERITY

CVSSV2

CVSSV3

cybersecurity@ch.abb.com:	CVE-2024-1913
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2024-029660
value:	HIGH
Trust: 0.8

cybersecurity@ch.abb.com:	CVE-2024-1913
baseSeverity:	HIGH
baseScore:	7.6
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	4.7
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2024-029660
baseSeverity:	HIGH
baseScore:	7.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2024-029660 // NVD: CVE-2024-1913

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.0
problemtype:	Out-of-bounds writing (CWE-787) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2024-029660 // NVD: CVE-2024-1913

EXTERNAL IDS

db:	NVD	id:	CVE-2024-1913	Trust: 2.6
db:	JVNDB	id:	JVNDB-2024-029660	Trust: 0.8

sources: JVNDB: JVNDB-2024-029660 // NVD: CVE-2024-1913

REFERENCES

url:	https://search.abb.com/library/download.aspx?documentid=si20330&languagecode=en&documentpartid=&action=launch	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2024-1913	Trust: 0.8

sources: JVNDB: JVNDB-2024-029660 // NVD: CVE-2024-1913

SOURCES

db:	JVNDB	id:	JVNDB-2024-029660
db:	NVD	id:	CVE-2024-1913

LAST UPDATE DATE

2026-01-14T23:42:03.183000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2024-029660	date:	2025-12-23T02:58:00
db:	NVD	id:	CVE-2024-1913	date:	2025-12-19T14:46:23.847

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2024-029660	date:	2025-12-23T00:00:00
db:	NVD	id:	CVE-2024-1913	date:	2024-05-14T16:16:01.860