CVE-2025-8754 HIGH

Published: 2025-08-13 | Last Modified: 2026-04-15 | Status: Deferred

Description

Missing Authentication for Critical Function vulnerability in ABB ABB AbilityTM zenon.This issue affects ABB AbilityTM zenon: from 7.50 through 14.

Additional Descriptions (1)

Vulnerabilidad de autenticación faltante para función crítica en ABB ABB AbilityTM zenon. Este problema afecta a ABB AbilityTM zenon: desde la versión 7.50 hasta la 14.

CVSS Metrics

Base Score: 7.5 (HIGH)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector	NETWORK
Attack Complexity	LOW
Privileges Required	NONE
User Interaction	NONE
Scope	UNCHANGED
Confidentiality Impact	NONE
Integrity Impact	NONE
Availability Impact	HIGH

Source: [email protected]

Type: Secondary

Exploitability Score: 3.9

Impact Score: 3.6

Base Score: 8.7 (HIGH)

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X

Attack Vector	NETWORK
Attack Complexity	LOW
Attack Requirements	NONE
Privileges Required	NONE
User Interaction	NONE
Vulnerability Confidentiality	NONE
Vulnerability Integrity	NONE
Vulnerability Availability	HIGH
Subsequent Confidentiality	NONE
Subsequent Integrity	NONE
Subsequent Availability	NONE

Source: [email protected]

Type: Secondary

Weaknesses

Source	Type	Description
[email protected]	Secondary	en CWE-306

References

https://search.abb.com/library/Download.aspx?DocumentID=2NGA002743&LanguageCode=en&DocumentPartId=&Action=Launch
Source: [email protected]