Browse all 217 CVE security advisories affecting ABB. AI-powered Chinese analysis, POCs, and references for each vulnerability.
ABB operates as a global leader in electrification and industrial automation, providing critical infrastructure for power grids, manufacturing, and transportation. With 211 recorded Common Vulnerabilities and Exposures (CVEs), the company’s software and hardware ecosystems have historically been susceptible to remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities often stem from legacy industrial control systems and web-based management interfaces, exposing operational technology to potential compromise. Notable incidents include the discovery of hardcoded credentials and unpatched firmware in various PLCs and HMIs, which attackers have exploited to gain unauthorized network access. The sheer volume of CVEs highlights significant challenges in maintaining security across diverse, long-lifecycle products. While ABB implements security updates, the complexity of its integrated solutions continues to present persistent risks for industrial environments relying on its technology.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-14774 | Communication analysis between the Card Reader and TP2CardReaderService daemon — T-MAC PlusCWE-863 | 7.4 | High | 2026-06-03 |
| CVE-2025-14773 | Stored Cross-Site Scripting in ABB T-MAC Plus web application — T-MAC PlusCWE-79 | 8.0 | High | 2026-06-03 |
| CVE-2025-14772 | Broken Access Control in ABB T-MAC Plus web application — T-MAC PlusCWE-639 | 8.8 | High | 2026-06-03 |
| CVE-2025-14771 | File Disclosure in ABB T-MAC Plus web application and in ABB T-MAC plus Server - Default IIS Web Site — T-MAC PlusCWE-552 | 9.9 | Critical | 2026-06-03 |
This page lists every published CVE security advisory associated with ABB. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.