cve-2024-41975

CVE-2024-41975 is a security vulnerability in ABB Automation Builder Gateway for Windows, versions before 2.9.0. The issue allows the gateway to listen remotely by default on TCP port 1217, exposing PLC discovery to unauthenticated network attackers. This is particularly concerning in industrial environments such as chemical, manufacturing, energy, and water facilities, where engineering workstations may be silently exposed. The vulnerability highlights the risk of insecure defaults in Windows-based industrial software, enabling attackers to map networks that are often assumed to be opaque. Mitigation involves updating to version 2.9.0 or later. Discussions on WindowsForum.com emphasize the quiet but significant threat this poses to operational technology networks.