CVE-2025-14510

9.2

Critical

Published:16 Jan 2026

Last updated:17 Jun 2026

Source:cybersecurity@ch.abb.com

Deferred

Weakness (CWE)

CWE-303CWE-303

CVSS Vector

v4.0

Attack Vector: Network
Attack Complexity: High
Attack Requirements: Present
Privileges Required: None
User Interaction: None
Confidentiality (Vulnerable): High
Integrity (Vulnerable): High
Availability (Vulnerable): High
Confidentiality (Subsequent): None
Integrity (Subsequent): None
Availability (Subsequent): None

View on MITRE Find PoC on GitHub

Description

Incorrect Implementation of Authentication Algorithm vulnerability in ABB ABB Ability OPTIMAX.This issue affects ABB Ability OPTIMAX: 6.1, 6.2, from 6.3.0 before 6.3.1-251120, from 6.4.0 before 6.4.1-251120.

References

cybersecurity@ch.abb.com

https://search.abb.com/library/Download.aspx?DocumentID=9AKK108472A1331&LanguageCode=en&DocumentPartId=&Action=Launch