Skip to main content

ABB T-MAC Plus CVE-2025-14774

| EUVDEUVD-2025-210047 HIGH
Incorrect Authorization (CWE-863)
2026-06-03 ABB GHSA-rpj2-8q6r-rm58
7.2
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.2 HIGH
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

5
Analysis Updated
Jun 03, 2026 - 11:28 vuln.today
v3 (cvss_changed)
Analysis Updated
Jun 03, 2026 - 11:27 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Jun 03, 2026 - 11:22 vuln.today
cvss_changed
CVSS changed
Jun 03, 2026 - 11:22 NVD
7.4 (HIGH) 7.2 (HIGH)
Analysis Generated
Jun 03, 2026 - 11:01 vuln.today

DescriptionCVE.org

Incorrect Authorization vulnerability in ABB T-MAC Plus.

This issue affects T-MAC Plus: 4.0-24.

AnalysisAI

Authorization bypass in ABB T-MAC Plus version 4.0-24 allows adjacent-network attackers to perform unauthorized actions that compromise device integrity and availability without any credentials or user interaction. The flaw is an incorrect authorization weakness (CWE-863) carrying a CVSS 4.0 score of 7.2, and no public exploit identified at time of analysis. ABB itself disclosed the issue and published an advisory describing the affected firmware.

Technical ContextAI

T-MAC Plus is an ABB industrial measurement/automation device commonly deployed in operational technology (OT) and industrial control environments. CWE-863 (Incorrect Authorization) indicates that the device performs an authorization check but reaches the wrong conclusion - typically permitting actions a user or peer should not be allowed to take, rather than failing to check authorization entirely (which would be CWE-862). The CPE string cpe:2.3:a:abb:t-mac_plus identifies the affected firmware/application running on the device, and the CVSS attack vector of Adjacent (AV:A) indicates the flaw is reachable from the same logical Layer-2/Bluetooth/limited broadcast segment the device sits on, consistent with how field devices are typically networked.

RemediationAI

Patch availability is not explicitly enumerated in the provided intelligence - consult the ABB advisory at https://search.abb.com/library/Download.aspx?DocumentID=9AKK108472A7840&LanguageCode=en&DocumentPartId=&Action=Launch for the fixed firmware version and apply it during the next maintenance window using ABB's documented upgrade procedure. Until the patch is deployed, restrict logical network access to T-MAC Plus devices by placing them on a dedicated OT VLAN behind a firewall or data diode, enforce ISA/IEC 62443 zone-and-conduit segmentation so only engineering workstations on the same trusted segment can reach the device (trade-off: legitimate adjacent management tools must be allow-listed), and enable monitoring on the OT segment to alert on unexpected configuration or command traffic to the device (trade-off: increases SOC noise but provides detection in the absence of a patch). Avoid exposing the device to general corporate or wireless segments where attackers could gain adjacent-network reachability.

More in Abb

View all
CVE-2012-0245 CRITICAL
10.0 Mar 09

Multiple stack-based buffer overflows in RobNetScanHost.exe in ABB Robot Communications Runtime before 5.14.02, as used

CVE-2024-6298 CRITICAL POC
9.4 Jul 05

Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.

CVE-2024-6209 CRITICAL POC
9.4 Jul 05

Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.

CVE-2017-17888 HIGH POC
8.8 Dec 27

cgi-bin/write.cgi in Anti-Web through 3.8.7, as used on NetBiter / HMS, Ouman EH-net, Alliance System WS100 --> AWU 500,

CVE-2019-7225 HIGH POC
8.8 Jun 27

The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI i

CVE-2019-7226 HIGH POC
8.8 Jun 27

The ABB IDAL HTTP server CGI interface contains a URL that allows an unauthenticated attacker to bypass authentication a

CVE-2019-7228 HIGH POC
8.8 Jun 27

The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Rated high

CVE-2019-7232 HIGH POC
8.8 Jun 24

The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request. Rated high

CVE-2019-7230 HIGH POC
8.8 Jun 24

The ABB IDAL FTP server mishandles format strings in a username during the authentication process. Rated high severity (

CVE-2024-4007 HIGH POC
8.7 Jul 01

Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login t

CVE-2019-7229 HIGH POC
8.3 Jun 24

The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: "Utilizat

CVE-2019-18997 HIGH POC
7.5 Dec 18

The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work f

Share

CVE-2025-14774 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy