ABB AbilityTM Zenon Remote Transport Vulnerability

p a href= https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-146-03.json strong View CSAF /strong /a /p h2 Summary /h2 p strong ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. The vulnerability enables unauthorized access to the Reboot OS function within the Remote Transport Service, allowing an attacker to trigger a system reboot without the required authentication. This functionality initiates a system reboot on the target machine. However, remote exploitation of this vulnerability is not feasible unless the attacker has already gained access to the network where the affected ABB Ability™ zenon system is deployed. At the time of writing, there is no evidence that this vulnerability is being actively exploited in the wild. /strong /p p The following versions of ABB AbilityTM Zenon Remote Transport Vulnerability are affected: /p ul li AbilityTM zenon gt;=7.50| lt;=14 /li /ul div class= csaf-table table class= tablesaw tablesaw-stack data-tablesaw-mode= stack data-tablesaw-minimap thead tr th role= columnheader data-tablesaw-priority= persist CVSS /th th role= columnheader Vendor /th th role= columnheader Equipment /th th role= columnheader Vulnerabilities /th /tr /thead tbody tr td v3 7.5 /td td ABB /td td ABB AbilityTM Zenon Remote Transport Vulnerability /td td Missing Authentication for Critical Function /td /tr /tbody /table /div h3 Background /h3 ul li strong Critical Infrastructure Sectors: /strong Chemical, Communications, Critical Manufacturing, Dams, Energy, Healthcare and Public Health, Information Technology, Water and Wastewater /li li strong Countries/Areas Deployed: /strong Worldwide /li li strong Company Headquarters Location: /strong Switzerland /li /ul hr h2 Vulnerabilities /h2 div class= csaf-accordion p a class= csaf-accordion-toggle-all href= # Expand All + /a /p div class= csaf-accordion-item h3 a class= csaf-accordion-toggle href= # CVE-2025-8754 /a /h3 div class= csaf-accordion-content p In the default configuration of the ABB zenon software platform, the zensyssrv.exe service is set to start automatically. To utilize the Remote Transport Service, users are required to configure a password beforehand. However, a security vulnerability has been identified that enables unauthorized attackers to bypass authentication mechanisms and remotely initiate a system reboot without proper authorization /p p a href= https://www.cve.org/CVERecord?id=CVE-2025-8754 View CVE Details /a /p hr h4 Affected Products /h4 h5 ABB AbilityTM Zenon Remote Transport Vulnerability /h5 div class= ics-vendor-version-status div class= ics-vendor strong Vendor: /strong br ABB /div div class= ics-version strong Product Version: /strong br ABB Ability Zenon gt;=7.50| lt;=14 /div div class= ics-status strong Product Status: /strong br known_affected /div /div div class= ics-remediations h6 Remediations /h6 p strong Workaround /strong br • Restrict network access to systems with the ABB zen