Critical VLC Media Player Vulnerabilities in ABB Ability Camera Connect (CVE‑2024‑46461) Threaten Industrial Systems
What It Is – ABB Ability Camera Connect versions ≤ 1.5.0.14 and 1.5.0.15 ship with a bundled VLC media player (v2.2.4). The VLC component contains multiple memory‑corruption bugs (heap‑based buffer overflow, use‑after‑free, integer under/overflow, out‑of‑bounds reads/writes) tracked as CVE‑2024‑46461, giving an attacker a path to remote code execution or denial‑of‑service.
Exploitability – The vulnerabilities are publicly disclosed, have a CVSS v3.1 score of 9.8 (Critical), and proof‑of‑concept exploits for the VLC bugs are circulating in underground forums. No known active ransomware‑as‑a‑service targeting this component, but exploitation is feasible in the wild.
Affected Products – ABB Ability Camera Connect ≤ 1.5.0.14 and 1.5.0.15 (bundled with VLC 2.2.4).
TPRM Impact – The product is deployed across critical‑infrastructure sectors (chemical, energy, transportation, manufacturing, communications). A compromised camera system can serve as a foothold for lateral movement into OT networks, potentially exposing proprietary process data or disrupting plant operations.
Recommended Actions –
- Immediately apply ABB’s remediation update that replaces the vulnerable VLC library.
- Verify that all deployed Camera Connect instances are running version 1.5.0.15 or later.
- Conduct a rapid inventory of any legacy installations still using the affected package and isolate them from production networks until patched.
- Review network segmentation and limit outbound traffic from camera endpoints to only required management services.
- Incorporate the CVE into your vulnerability‑management feed and schedule regular re‑scans of OT assets.
Source: CISA Advisory – ICSA‑26‑146‑05