Full Report
[Control systems] ABB security advisory (AV26-163)
Analysis Summary
# Vulnerability: Multiple Vulnerabilities in ABB AC500 V3 Firmware and Automation Builder
## CVE Details
- CVE ID: CVE-2025-2595, CVE-2025-41659, CVE-2025-41691, CVE-2024-41975
- CVSS Score: Score and Severity information were not explicitly provided in the summary text for all CVEs, only the existence of the advisories linking to details was confirmed.
- CWE: Information not detailed in the source text.
## Affected Systems
- Products:
- AC500 V3 firmware
- ABB Automation Builder for Windows
- Versions:
- AC500 V3 firmware: Versions prior to 3.9.0
- Automation Builder: Versions prior to 2.9.0
- Configurations: Automation Builder vulnerability specifically relates to "insecure defaults."
## Vulnerability Description
The advisory covers multiple security flaws affecting ABB control system components:
1. **AC500 V3 Firmware**: Contains three distinct vulnerabilities (CVE-2025-2595, CVE-2025-41659, CVE-2025-41691). The technical details are not itemized but are addressed in the vendor advisory.
2. **ABB Automation Builder for Windows**: Contains a vulnerability related to insecure default configurations (CVE-2024-41975).
## Exploitation
- Status: Not specified in the provided summary text. Users are directed to vendor links for further detail.
- Complexity: Information not detailed in the source text.
- Attack Vector: Information not detailed in the source text.
## Impact
Impact details (Confidentiality, Integrity, Availability) were not explicitly quantified in the provided advisory summary.
## Remediation
### Patches
Users must consult the specific ABB advisories linked in the full notice for precise patch/version information. Available fixes relate to:
- Updating **AC500 V3 firmware** to version 3.9.0 or later (to address CVE-2025-2595, CVE-2025-41659, CVE-2025-41691).
- Updating **ABB Automation Builder** to version 2.9.0 or later (to address CVE-2024-41975).
### Workarounds
No specific workarounds were detailed in this summary; the Cyber Centre encourages reviewing the provided web links to perform suggested mitigations.
## Detection
- Indicators of Compromise: Not specified.
- Detection Methods and Tools: Not specified.
## References
- Vendor Advisories:
- AC500 V3 Multiple vulnerabilities: hxxps://search.abb.com/library/Download.aspx?DocumentID=3ADR011524&LanguageCode=en&DocumentPartId=&Action=Launch
- ABB Automation Builder Gateway for Windows with insecure defaults: hxxps://search.abb.com/library/Download.aspx?DocumentID=3ADR011525&LanguageCode=en&DocumentPartId=&Action=Launch
- Relevant Links:
- ABB Cyber security alerts and notifications: hxxps://global.abb/group/en/technology/cyber-security/alerts-and-notifications