CVE-2025-3756— Denial of Service Vulnerabilities in System 800xA, Symphony® Plus IEC 61850
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-3756
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Denial of Service Vulnerabilities in System 800xA, Symphony® Plus IEC 61850
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed as affected in this CVE. An attacker with access to IEC 61850 networks could exploit the vulnera bility by using a specially crafted 61850 packet, forcing the communication interfaces of the PM 877, CI850 and CI868 modules into fault mode or causing unavailability of the S+ Operations 61850 connectivity, resulting in a denial-of-service situation. The System 800xA IEC61850 Connect is not affected. Note: This vulnerability does not impact on the overall availability and functionality of the S+ Operations node, only the 61850 communication function. This issue affects AC800M (System 800xA): from 6.0.0x through 6.0.0303.0, from 6.1.0x through 6.1.0031.0, from 6.1.1x through 6.1.1004.0, from 6.1.1x through 6.1.1202.0, from 6.2.0x through 6.2.0006.0; Symphony Plus SD Series: A_0, A_1, A_2.003, A_3.005, A_4.001, B_0.005; Symphony Plus MR (Melody Rack): from 3.10 through 3.52; S+ Operations: 2.1, 2.2, 2.3, 3.3.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
CWE-1284
Source: NVD (National Vulnerability Database)
Vulnerability Title
ABB多款产品 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ABB AC800M等都是瑞士ABB公司的产品。ABB AC800M是一款面向工业自动化系统的模块化过程控制器。ABB Symphony Plus SD Series是一系列面向工业过程控制与分布式控制系统的控制与I/O设备。ABB Symphony Plus MR是一系列面向工业过程控制与分布式控制系统的控制与I/O设备。 ABB多款产品存在安全漏洞,该漏洞源于IEC 61850通信栈命令处理问题,可能导致拒绝服务攻击。以下产品和版本受到影响:AC800M 6.0.0x至6.0.0303.0版本、6.1
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| ABB | AC800M (System 800xA) | 6.0.0x ~ 6.0.0303.0 | - | |
| ABB | Symphony Plus SD Series | A_0 | - | |
| ABB | Symphony Plus MR (Melody Rack) | 3.10 ~ 3.52 | - | |
| ABB | S+ Operations | 2.1 | - |
II. Public POCs for CVE-2025-3756
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-3756
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same vendor: ABB
Same weakness: CWE-1284
- CVE-2026-25863
Conditional Fields for Contact Form 7 < 2.7.3 DoS via Uncont - CVE-2025-14688
IBM® Db2® is vulnerable to a denial of service when fetching - CVE-2026-6915
Flaw in the updateUser Command May Allow Unauthorized Config - CVE-2026-1352
IBM® Db2® is vulnerable to a trap or return SQLCODE -901 whe - CVE-2026-6839
ONE 安全漏洞
V. Comments for CVE-2025-3756
No comments yet