IM
IronMonkey Threat Research
‹ Back to ICS Advisories

ABB AbilityTM zenon Remote Transport Vulnerability

HIGH
CVSS 7.5
Date 2026-07-06T00:30:00+00:00
Source abb-psirt
Published by ABB PSIRT

// Description

The vulnerability enables unauthorized access to the Reboot OS function within the Remote Transport Service, allowing an attacker to trigger a system reboot without the required authentication. This functionality initiates a system reboot on the target machine. However, remote exploitation of this vulnerability is not feasible unless the attacker has already gained access to the network where the affected ABB Ability™ zenon system is deployed. At the time of writing, there is no evidence that this vulnerability is being actively exploited in the wild.

// Vulnerabilities (1)

CVE ID CVSS Score Severity Description
CVE-2025-8754 7.5 high
CVE-2025-8754. In the default configuration of the ABB zenon software platform, the zensyssrv.exe service is set to start automatically. To utilize the Remote Transport Service, users are required to configure a password beforehand. However, a security vulnerability has been identified that enables unauthorized attackers to bypass authentication mechanisms and remotely initiate a system reboot without proper authorization

// Affected Products (3)

Vendor Product Asset Type Purdue Level Firmware
ABB Unknown scada_server
L2
--
ABB Unknown scada_server
L2
--
ABB Unknown scada_server
L2
--

// Remediations (4)

Patch: The issue has been corrected in the following ABB Ability™ zenon product versions: Version 11 build
The issue has been corrected in the following ABB Ability™ zenon product versions: Version 11 build 400376, Version 12 build 407620 and Version 14 build 405141, where the respective patches have been successfully released. ABB recommends that customers upgrade to these patched versions at the earliest convenience. The updated versions are available through the zenon Update Manager (Versions 12 and 14). For Version 11, please contact [email protected].
Mitigation: Refer to section “General security recommendations” for further advise on how to keep your system se
Refer to section “General security recommendations” for further advise on how to keep your system secure.
Workaround: - Restrict network access to systems with the ABB zenon Software Platform installed. - Ensure tha
- Restrict network access to systems with the ABB zenon Software Platform installed. - Ensure that access to a system is restricted by implementing access controls to minimize the risk of unauthorized access. - Assess the necessity of the ABB zenon Remote Transport functionality. - Ensure that if the Remote Transport functionality is not used, the zensyssrv.exe (ABB zenon System Service) is stopped or terminated. The zensyssrv.exe can also be stopped or terminated after authorized use to prevent this vulnerability.
Workaround: • Restrict network access to systems with the ABB Zenon Software Platform installed. - Ensure that
• Restrict network access to systems with the ABB Zenon Software Platform installed. - Ensure that access to a system is restricted by implementing access controls to minimize the risk of unauthorized access. • Assess the necessity of the ABB Zenon Remote Transport functionality. - Ensure that if the Remote Transport functionality is not used, the zensyssrv.exe (ABB Zenon System Service) is stopped or terminated. The zensyssrv.exe can also be stopped or terminated after authorized use to prevent this vulnerability.

// References