Which versions of ABB AWIN Gateway are affected by CVE-2025-13779?

ABB's AWIN GW100 and GW120 industrial gateways contain an authentication bypass vulnerability allowing adjacent-network attackers to execute critical functions without credentials, directly…

How to fix or mitigate CVE-2025-13779?

24 hours: Inventory all AWIN GW100 (rev.2, versions 2.0-0, 2.0-1) and AWIN GW120 (versions 1.2-0, 1.2-1) devices; assess network exposure and identify critical functions. 7 days: Implement network segmentation to restrict adjacent-network access to affected gateways; deploy firewall rules blocking unauthorized traffic to gateway management interfaces. 30 days: Monitor ABB security advisories for patch release; prepare upgrade testing plan; establish contingency timeline for replacement if patches are not released within 60 days.

ABB AWIN Gateway CVE-2025-13779

Q: What is the CVSS score of CVE-2025-13779?

CVE-2025-13779 has a CVSS 4.0 base score of 7.2 (High). CVSS vector: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2025-208635 HIGH

Missing Authentication for Critical Function (CWE-306)

2026-03-13 ABB

Authentication Bypass Abb

7.2

CVSS 4.0

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Analysis Updated

May 19, 2026 - 15:12 vuln.today

v2 (cvss_changed)

Re-analysis Queued

May 19, 2026 - 15:07 vuln.today

cvss_changed

CVSS changed

May 19, 2026 - 15:07 NVD

8.3 (HIGH) 7.2 (HIGH)

EUVD ID Assigned

Mar 13, 2026 - 16:57 euvd

EUVD-2025-208635

Analysis Generated

Mar 13, 2026 - 16:57 vuln.today

CVE Published

Mar 13, 2026 - 13:11 nvd

HIGH 8.3

DescriptionNVD

Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1.

AnalysisAI

Authentication bypass in ABB AWIN GW100 rev.2 (2.0-0, 2.0-1) and AWIN GW120 (1.2-0, 1.2-1) industrial gateways allows adjacent-network attackers to invoke critical functions without credentials, resulting in high confidentiality and availability impact. The flaw was reported by ABB itself and carries a CVSS 4.0 score of 7.2; no public exploit identified at time of analysis and EPSS sits at 0.03% (7th percentile), indicating low predicted exploitation likelihood despite the serious technical impact.

Technical ContextAI

The AWIN GW100 and GW120 are ABB industrial communication gateways used in building/industrial automation deployments to bridge field-bus protocols to IP networks. The root cause is CWE-306 (Missing Authentication for Critical Function), meaning at least one privileged interface or service on the gateway accepts requests without verifying the caller's identity. Per the CPE strings (cpe:2.3:a:abb:awin_gw100_rev.2 and cpe:2.3:a:abb:awin_gw120), the issue is scoped to these two gateway models across the listed firmware revisions and is exposed over an adjacent network (AV:A in CVSS 4.0), which is consistent with management interfaces reachable on the local OT/IT segment rather than the public internet.

RemediationAI

No vendor-released patched firmware version is independently confirmed from the available data, so administrators must consult the ABB advisory at https://search.abb.com/library/Download.aspx?DocumentID=4JNO000329&LanguageCode=en for the official fixed build and upgrade guidance for AWIN GW100 rev.2 and GW120. Until a confirmed patched firmware is applied, place the gateways on a dedicated, segmented management VLAN, restrict adjacent-network reachability to a small set of engineering workstations via firewall ACLs (blocking arbitrary OT-LAN hosts from reaching the gateway's management/critical-function ports), and enable monitoring/logging on any north-bound jump host - recognizing the trade-off that tighter segmentation may break legitimate integrations with SCADA/BMS systems that currently address the gateway directly. Avoid exposing these gateways to routed corporate networks or the Internet under any circumstance.

CVE-2025-13779 vulnerability details – vuln.today

Back

ABB AWIN Gateway CVE-2025-13779

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

ABB AWIN Gateway CVE-2025-13779

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code