Skip to main content

ABB T-MAC Plus CVE-2025-14771

| EUVDEUVD-2025-210050 HIGH
Files or Directories Accessible to External Parties (CWE-552)
2026-06-03 ABB GHSA-287w-267v-h5rm
7.3
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.3 HIGH
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:H/SC:H/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:H/SC:H/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

6
Analysis Updated
Jun 03, 2026 - 11:30 vuln.today
v3 (cvss_changed)
Analysis Updated
Jun 03, 2026 - 11:30 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Jun 03, 2026 - 11:22 vuln.today
cvss_changed
Severity Changed
Jun 03, 2026 - 11:22 NVD
CRITICAL HIGH
CVSS changed
Jun 03, 2026 - 11:22 NVD
9.9 (CRITICAL) 7.3 (HIGH)
Analysis Generated
Jun 03, 2026 - 11:00 vuln.today

DescriptionCVE.org

Files or directories accessible to external parties vulnerability in ABB T-MAC Plus.

This issue affects T-MAC Plus: 4.0-24.

AnalysisAI

Unauthorized file or directory access in ABB T-MAC Plus version 4.0-24 allows authenticated remote attackers to read, modify, or otherwise interact with resources that should not be externally reachable, with CVSS 4.0 scoring 7.3 due to high confidentiality and availability impact plus scope change to subsequent systems. The flaw is classified under CWE-552 (Files or Directories Accessible to External Parties) and was disclosed by ABB itself. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Technical ContextAI

T-MAC Plus is an ABB industrial/utility metering and control product family, and the vulnerability falls under CWE-552, which covers cases where files or directories intended to be internal are inadvertently exposed to external parties - typically through missing path-canonicalization, weak access-control on a web or service endpoint, or overly permissive resource handlers. The 'Path Traversal' tag combined with CWE-552 strongly suggests the affected component serves files via a network-facing interface where input is not properly normalized against a trusted base directory, enabling out-of-bounds resource access. The single CPE (cpe:2.3:a:abb:t-mac_plus) confirms the issue is product-specific rather than a shared library flaw.

RemediationAI

Consult the ABB advisory (document 9AKK108472A7840 at https://search.abb.com/library/Download.aspx?DocumentID=9AKK108472A7840) for the vendor-recommended fixed release, as no specific patched version string was provided in the source data - patch status is therefore 'Patch available per vendor advisory' rather than a confirmed exact version. Until upgrade is applied, restrict network reachability of the T-MAC Plus management/service interface to a dedicated OT management VLAN and require jump-host access, since the vulnerability needs at least low-privileged authenticated access (PR:L) and a network path; tighten account hygiene by removing shared low-privilege accounts and enforcing per-user credentials with MFA where the platform supports it; and place the device behind an ICS-aware firewall or data diode that can constrain outbound impact, accepting the trade-off that strict segmentation may complicate remote engineering workflows.

More in Abb

View all
CVE-2012-0245 CRITICAL
10.0 Mar 09

Multiple stack-based buffer overflows in RobNetScanHost.exe in ABB Robot Communications Runtime before 5.14.02, as used

CVE-2024-6298 CRITICAL POC
9.4 Jul 05

Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.

CVE-2024-6209 CRITICAL POC
9.4 Jul 05

Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.

CVE-2017-17888 HIGH POC
8.8 Dec 27

cgi-bin/write.cgi in Anti-Web through 3.8.7, as used on NetBiter / HMS, Ouman EH-net, Alliance System WS100 --> AWU 500,

CVE-2019-7225 HIGH POC
8.8 Jun 27

The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI i

CVE-2019-7226 HIGH POC
8.8 Jun 27

The ABB IDAL HTTP server CGI interface contains a URL that allows an unauthenticated attacker to bypass authentication a

CVE-2019-7228 HIGH POC
8.8 Jun 27

The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Rated high

CVE-2019-7232 HIGH POC
8.8 Jun 24

The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request. Rated high

CVE-2019-7230 HIGH POC
8.8 Jun 24

The ABB IDAL FTP server mishandles format strings in a username during the authentication process. Rated high severity (

CVE-2024-4007 HIGH POC
8.7 Jul 01

Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login t

CVE-2019-7229 HIGH POC
8.3 Jun 24

The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: "Utilizat

CVE-2019-18997 HIGH POC
7.5 Dec 18

The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work f

Share

CVE-2025-14771 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy