CVE-2025-14771 CRITICAL

Published: 2026-06-03 | Last Modified: 2026-06-03 | Status: Received

Description

Files or directories accessible to external parties vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.

CVSS Metrics

Base Score: 9.9 (CRITICAL)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector	NETWORK
Attack Complexity	LOW
Privileges Required	LOW
User Interaction	NONE
Scope	CHANGED
Confidentiality Impact	HIGH
Integrity Impact	HIGH
Availability Impact	HIGH

Source: [email protected]

Type: Secondary

Exploitability Score: 3.1

Impact Score: 6.0

Base Score: 7.3 (HIGH)

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:H/SC:H/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector	NETWORK
Attack Complexity	LOW
Attack Requirements	PRESENT
Privileges Required	LOW
User Interaction	NONE
Vulnerability Confidentiality	HIGH
Vulnerability Integrity	LOW
Vulnerability Availability	HIGH
Subsequent Confidentiality	HIGH
Subsequent Integrity	LOW
Subsequent Availability	HIGH

Source: [email protected]

Type: Secondary

Weaknesses

Source	Type	Description
[email protected]	Primary	en CWE-552

References

https://search.abb.com/library/Download.aspx?DocumentID=9AKK108472A7840&LanguageCode=en&DocumentPartId=&Action=Launch
Source: [email protected]