

ABB WebPro SNMP Card PowerValue, AC500 V3 PLCs (PM5xxx), Automation Builder Gateway for Windows, and AC500 V3 OpenSSL firmware.
Eight CVEs enabling DoS, auth bypass, session hijacking, PKI exposure, PLC scanning, and stack buffer overflow RCE.
Disclosed 12–13 May 2026; no active exploitation reported at time of publication across all four advisories.
ICS network interfaces, CODESYS gateway port 1217, WebPro firmware, and OpenSSL CMS parsing in PLC firmware.
Improper input validation, auth algorithm bypass, session expiration failure, insecure defaults, and stack buffer overflow in OpenSSL.
Adjacent or remote network attackers send crafted messages or HTTP requests; no authentication required for several flaws.
Attackers could disrupt ICS availability, hijack sessions, exfiltrate cryptographic keys, scan PLC networks, and execute remote code.
Full compromise of ICS confidentiality, integrity, and availability possible; critical industrial infrastructure at significant risk.
Update WebPro to v1.1.8.p, AC500 V3 to firmware 3.9.0 HF1, and Automation Builder to 2.9.0 immediately.
Isolate ICS networks behind firewalls, restrict internet exposure, enforce physical access controls, and use VPNs for remote access.
CISA ICS advisories: ICSA-26-132-03, ICSA-26-132-04, ICSA-26-132-05, ICSA-26-132-06. CVEs: CVE-2025-4675, CVE-2025-4676, CVE-2025-4677, CVE-2025-2595, CVE-2025-41659, CVE-2025-41691, CVE-2024-41975, CVE-2025-15467.




