HomeIntelligenceBrief
VULNERABILITY BRIEF🔴 Critical Vulnerability

Critical VLC Media Player Vulnerabilities in ABB Ability Camera Connect (CVE‑2024‑46461) Threaten Industrial Systems

ABB Ability Camera Connect versions ≤ 1.5.0.14 bundle a vulnerable VLC media player (CVE‑2024‑46461) with a CVSS 9.8 rating. The flaws enable remote code execution or denial‑of‑service on cameras deployed across energy, chemical, and transportation sectors, creating a supply‑chain risk for OT environments.

LiveThreat™ Intelligence · 📅 May 26, 2026· 📰 cisa.gov
🔴
Severity
Critical
VU
Type
Vulnerability
🎯
Confidence
High
🏢
Affected
2 sector(s)
Actions
4 recommended
📰
Source
cisa.gov

Critical VLC Media Player Vulnerabilities in ABB Ability Camera Connect (CVE‑2024‑46461) Threaten Industrial Systems

What It Is – ABB Ability Camera Connect versions ≤ 1.5.0.14 and 1.5.0.15 ship with a bundled VLC media player (v2.2.4). The VLC component contains multiple memory‑corruption bugs (heap‑based buffer overflow, use‑after‑free, integer under/overflow, out‑of‑bounds reads/writes) tracked as CVE‑2024‑46461, giving an attacker a path to remote code execution or denial‑of‑service.

Exploitability – The vulnerabilities are publicly disclosed, have a CVSS v3.1 score of 9.8 (Critical), and proof‑of‑concept exploits for the VLC bugs are circulating in underground forums. No known active ransomware‑as‑a‑service targeting this component, but exploitation is feasible in the wild.

Affected Products – ABB Ability Camera Connect ≤ 1.5.0.14 and 1.5.0.15 (bundled with VLC 2.2.4).

TPRM Impact – The product is deployed across critical‑infrastructure sectors (chemical, energy, transportation, manufacturing, communications). A compromised camera system can serve as a foothold for lateral movement into OT networks, potentially exposing proprietary process data or disrupting plant operations.

Recommended Actions

  • Immediately apply ABB’s remediation update that replaces the vulnerable VLC library.
  • Verify that all deployed Camera Connect instances are running version 1.5.0.15 or later.
  • Conduct a rapid inventory of any legacy installations still using the affected package and isolate them from production networks until patched.
  • Review network segmentation and limit outbound traffic from camera endpoints to only required management services.
  • Incorporate the CVE into your vulnerability‑management feed and schedule regular re‑scans of OT assets.

Source: CISA Advisory – ICSA‑26‑146‑05

📰 Original Source
https://www.cisa.gov/news-events/ics-advisories/icsa-26-146-05

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Every gap like this maps to a control you can evidence.

The Verisq AI Trust Operations platform maps incidents to your control framework and collects the evidence continuously — so your Trust Center shows proof, not promises, when a buyer or auditor asks.

Explore the Verisq AI Trust Operations platform →