ABB Edgenius Management Portal
Summary
ABB Edgenius Management Portal versions 3.2.0.0 and 3.2.1.1 are vulnerable to an authentication bypass flaw, allowing attackers to install and run arbitrary code. This vulnerability, identified as CVE-2025-10571, has a CVSS score of 9.6 and affects critical infrastructure sectors. ABB recommends upgrading to version 3.2.2.0 or disabling the portal until a fix is applied.
IFF Assessment
The vulnerability allows attackers to gain significant control over affected systems, which poses a direct threat to defenders.
Severity
The CVSS score of 9.6 reflects the critical severity of the vulnerability, which allows for authentication bypass and subsequent arbitrary code execution, impacting confidentiality, integrity, and availability.
Defender Context
This critical vulnerability in ABB Edgenius Management Portal highlights the ongoing risks to operational technology (OT) and critical infrastructure. Defenders should prioritize patching affected systems or implementing compensating controls like disabling the portal to prevent exploitation.