BetaIT-Hub is in early access — your feedback helps us improve. Use the chat or email [email protected]

News Vulnerability
VulnerabilityCISA·22d ago

ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities

p a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-132-06.json" strong View CSAF /strong /a /p h2 Summary /h2 p strong ABB became aware of multiple internally discovered vulnerabilities in the WebPro SNMP card PowerValue for the product versions listed as affected in the advisory. Depending upon the vulnerability, an attacker with access to local network who successfully exploited this vulnerability could have - Unauthorized access - Insufficient Session Expiration leading to resource unavailability - Uncontrolled Resource Consumption leading to DOS attack ABB strongly advises customers to update the latest firmware of affected products. /strong /p p The following versions of ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities are affected: /p ul li WebPro SNMP Card lt;=1.1.8.k, 1.1.8.p /li /ul div class="csaf-table" table class="tablesaw tablesaw-stack" data-tablesaw-mode="stack" data-tablesaw-minimap thead tr th role="columnheader" data-tablesaw-priority="persist" CVSS /th th role="columnheader" Vendor /th th role="columnheader" Equipment /th th role="columnheader" Vulnerabilities /th /tr /thead tbody tr td v3 8.8 /td td ABB /td td ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities /td td Improper Check for Unusual or Exceptional Conditions, Incorrect Implementation of Authentication Algorithm, Insufficient Session Expiration /td /tr /tbody /table /div h3 Background /h3 ul li strong Critical Infrastructure Sectors: /strong Chemical, Communications, Critical Manufacturing, Dams, Energy, Healthcare and Public Health, Information Technology, Water and Wastewater /li li strong Countries/Areas Deployed: /strong Worldwide /li li strong Company Headquarters Location: /strong Switzerland /li /ul hr h2 Vulnerabilities /h2 div class="csaf-accordion" p a class="csaf-accordion-toggle-all" href="#" Expand All + /a /p div class="csaf-accordion-item" h3 a class="csaf-accordion-toggle" href="#" CVE-2025-4675 /a /h3 div class="csaf-accordion-content" p Modus(slave) protocol was implemented incorrectly in the device, port 502 becomes unstable and Modbus service is unavailable until manual reboot of the device. /p p a href="https://www.cve.org/CVERecord?id=CVE-2025-4675" View CVE Details /a /p hr h4 Affected Products /h4 h5 ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities /h5 div class="ics-vendor-version-status" div class="ics-vendor" strong Vendor: /strong br ABB /div div class="ics-version" strong Product Version: /strong br ABB WebPro SNMP Card PowerValue lt;=1.1.8.k /div div class="ics-status" strong Product Status: /strong br fixed, known_affected /div /div div class="ics-remediations" h6 Remediations /h6 p strong Vendor fix /strong br The problem is corrected in the following product versions: WebPro SNMP card PowerValue version 1.1.8.p ABB advises users of the affected product versions to reach out to ABB Digital Service Support ([email protected]) for guidance and recommended actions. Additiona

Sign in to read the full article

Create a free account to access all news, downloads, and community features

Sign inCreate account

Originally published by CISA

Source: https://www.cisa.gov/news-events/ics-advisories/icsa-26-132-06

This article is shared for informational purposes. All rights belong to the original author and publisher. If you are the copyright holder and would like this content removed, please contact us.

Shared on IT-Hub by admin