Warning: Remote code execution vulnerability in ABB Ability Edgenius, Patch Immediately!

Published: 21/11/2025

* Last update: 21/11/2025
* Affected products:
  → ABB Ability Edgenius 3.2.0.0
  → ABB Ability Edgenius 3.2.1.1
* Type: CWE-288: Authentication Bypass Using an Alternate Path or Channel
* CVE/CVSS:
  • CVE-2025-10571: CVSS 9.4 (CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H)

Sources

ABB - https://search.abb.com/library/Download.aspx?DocumentID=7PAA022088

Risks

An attacker can target publicly facing ABB edge devices and compromise them to gain access to the internal network. This edge device bridges the gap between the internal network and the cloud environment, which makes it a very attractive target for threat actors.

A vulnerable ABB edge device can lead to a full network compromise, halting any ongoing business activities. After compromising the ABB edge device, attackers can go on to attack other devices. This can have a high impact on the confidentiality, integrity and availability of the device.

Description

An attacker who compromises the device can perform remote code execution and interact with other internal network devices. An unauthenticated attacker can exploit the vulnerability by sending maliciously crafted packets to the system node, which then allows the attacker to run arbitrary code.

Recommended Actions

Patch 
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority after thorough testing.

Monitor/Detect 
The CCB recommends that organizations upscale their monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.

In case of an intrusion, you can report an incident via: https://ccb.belgium.be/cert/report-incident.

While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.

References

NIST - https://nvd.nist.gov/vuln/detail/CVE-2025-10571