Skip to main content

ABB AWIN Gateway CVE-2025-13779

| EUVDEUVD-2025-208635 HIGH
Missing Authentication for Critical Function (CWE-306)
2026-03-13 ABB
7.2
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.2 HIGH
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

6
Analysis Updated
May 19, 2026 - 15:12 vuln.today
v2 (cvss_changed)
Re-analysis Queued
May 19, 2026 - 15:07 vuln.today
cvss_changed
CVSS changed
May 19, 2026 - 15:07 NVD
8.3 (HIGH) 7.2 (HIGH)
EUVD ID Assigned
Mar 13, 2026 - 16:57 euvd
EUVD-2025-208635
Analysis Generated
Mar 13, 2026 - 16:57 vuln.today
CVE Published
Mar 13, 2026 - 13:11 nvd
HIGH 8.3

DescriptionCVE.org

Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1.

AnalysisAI

Authentication bypass in ABB AWIN GW100 rev.2 (2.0-0, 2.0-1) and AWIN GW120 (1.2-0, 1.2-1) industrial gateways allows adjacent-network attackers to invoke critical functions without credentials, resulting in high confidentiality and availability impact. The flaw was reported by ABB itself and carries a CVSS 4.0 score of 7.2; no public exploit identified at time of analysis and EPSS sits at 0.03% (7th percentile), indicating low predicted exploitation likelihood despite the serious technical impact.

Technical ContextAI

The AWIN GW100 and GW120 are ABB industrial communication gateways used in building/industrial automation deployments to bridge field-bus protocols to IP networks. The root cause is CWE-306 (Missing Authentication for Critical Function), meaning at least one privileged interface or service on the gateway accepts requests without verifying the caller's identity. Per the CPE strings (cpe:2.3:a:abb:awin_gw100_rev.2 and cpe:2.3:a:abb:awin_gw120), the issue is scoped to these two gateway models across the listed firmware revisions and is exposed over an adjacent network (AV:A in CVSS 4.0), which is consistent with management interfaces reachable on the local OT/IT segment rather than the public internet.

RemediationAI

No vendor-released patched firmware version is independently confirmed from the available data, so administrators must consult the ABB advisory at https://search.abb.com/library/Download.aspx?DocumentID=4JNO000329&LanguageCode=en for the official fixed build and upgrade guidance for AWIN GW100 rev.2 and GW120. Until a confirmed patched firmware is applied, place the gateways on a dedicated, segmented management VLAN, restrict adjacent-network reachability to a small set of engineering workstations via firewall ACLs (blocking arbitrary OT-LAN hosts from reaching the gateway's management/critical-function ports), and enable monitoring/logging on any north-bound jump host - recognizing the trade-off that tighter segmentation may break legitimate integrations with SCADA/BMS systems that currently address the gateway directly. Avoid exposing these gateways to routed corporate networks or the Internet under any circumstance.

More in Abb

View all
CVE-2012-0245 CRITICAL
10.0 Mar 09

Multiple stack-based buffer overflows in RobNetScanHost.exe in ABB Robot Communications Runtime before 5.14.02, as used

CVE-2024-6298 CRITICAL POC
9.4 Jul 05

Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.

CVE-2024-6209 CRITICAL POC
9.4 Jul 05

Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.

CVE-2017-17888 HIGH POC
8.8 Dec 27

cgi-bin/write.cgi in Anti-Web through 3.8.7, as used on NetBiter / HMS, Ouman EH-net, Alliance System WS100 --> AWU 500,

CVE-2019-7225 HIGH POC
8.8 Jun 27

The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI i

CVE-2019-7226 HIGH POC
8.8 Jun 27

The ABB IDAL HTTP server CGI interface contains a URL that allows an unauthenticated attacker to bypass authentication a

CVE-2019-7228 HIGH POC
8.8 Jun 27

The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Rated high

CVE-2019-7232 HIGH POC
8.8 Jun 24

The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request. Rated high

CVE-2019-7230 HIGH POC
8.8 Jun 24

The ABB IDAL FTP server mishandles format strings in a username during the authentication process. Rated high severity (

CVE-2024-4007 HIGH POC
8.7 Jul 01

Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login t

CVE-2019-7229 HIGH POC
8.3 Jun 24

The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: "Utilizat

CVE-2019-18997 HIGH POC
7.5 Dec 18

The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work f

Share

CVE-2025-13779 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy