ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities
ABB WebPro SNMP Card PowerValue contains three critical vulnerabilities enabling authentication bypass and DoS attacks.
Summary
ABB disclosed three internally discovered vulnerabilities affecting WebPro SNMP Card PowerValue versions ≤1.1.8.k: improper Modbus protocol implementation causing service unavailability (CVE-2025-4675), authentication bypass via single-character validation allowing brute force (CVE-2025-4676), and missing session timeout on ports 23/502 enabling resource exhaustion DoS (CVE-2025-4677). All vulnerabilities are fixed in version 1.1.8.p, which ABB strongly recommends customers deploy immediately.
Full text
ICS Advisory
ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities
Release Date: May 12, 2026
Alert Code: ICSA-26-132-06
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems

Summary
ABB became aware of multiple internally discovered vulnerabilities in the WebPro SNMP card PowerValue for the product versions listed as affected in the advisory. Depending upon the vulnerability, an attacker with access to the local network who successfully exploited it could achieve:
- Unauthorized access
- Insufficient session expiration leading to resource unavailability
- Uncontrolled resource consumption leading to a DoS attack

ABB strongly advises customers to update to the latest firmware for the affected products.

Affected versions
The following versions of ABB WebPro SNMP Card PowerValue are affected: WebPro SNMP Card <=1.1.8.k, 1.1.8.p

CVSS v3: 8.8
Vendor: ABB
Equipment: ABB WebPro SNMP Card PowerValue
Vulnerabilities: Improper Check for Unusual or Exceptional Conditions, Incorrect Implementation of Authentication Algorithm, Insufficient Session Expiration

Background
Critical Infrastructure Sectors: Chemical, Communications, Critical Manufacturing, Dams, Energy, Healthcare and Public Health, Information Technology, Water and Wastewater
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Switzerland

Vulnerabilities

CVE-2025-4675
The Modbus (slave) protocol was implemented incorrectly in the device: port 502 becomes unstable and the Modbus service is unavailable until a manual reboot of the device.
Affected Products
Vendor: ABB
Product Version: ABB WebPro SNMP Card PowerValue <=1.1.8.k
Product Status: fixed, known_affected

Remediations
Vendor fix: The problem is corrected in the following product versions: WebPro SNMP card PowerValue version 1.1.8.p. ABB advises users of the affected product versions to reach out to ABB Digital Service Support (ch.ups.digital@abb.com) for guidance and recommended actions. Additionally, ABB recommends implementing defensive measures to reduce the risk of vulnerability exploitation, as outlined in the product instruction manual. Please refer to the section “Mitigation factors” for more information.
Mitigation: Mitigating factors describe conditions and circumstances that make an attack that exploits the vulnerability difficult or less likely to succeed. If the customer cannot upgrade the firmware, or upgrading is not feasible, the mitigating factors described in “General security recommendations” should be applied immediately.
Relevant CWE: CWE-754 Improper Check for Unusual or Exceptional Conditions
Metrics: CVSS 3.1, base score 6.5 (MEDIUM), vector CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:U

CVE-2025-4676
The device web HMI authenticates a user by validating only the first character of the session cookie and of the authentication token. If only the first characters of the session cookie and token are correct, the user is treated as validated. An attacker can easily brute force the first character of both the session cookie and the bearer token, which allows the authentication implemented on the device to be bypassed.
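To make the CVE-2025-4676 defect concrete, here is an added Python illustration (not ABB's firmware code; the weak check is a hypothetical reconstruction of what the advisory describes): a session validator that compares only the first character of the cookie and token, beside the corrected full-length, constant-time comparison. The session values, helper names and the string encoding are assumptions for the illustration.

```python
import hmac
import secrets

# Added illustration, not ABB's firmware. `is_authenticated_weak` is a hypothetical
# reconstruction of the defect described for CVE-2025-4676: the web HMI treats the
# caller as logged in when only the first character of the session cookie and of the
# bearer token match the stored session. `is_authenticated_fixed` is the corrected
# form: every byte of both credentials must match, compared in constant time.

def new_session() -> dict:
    """Issue a fresh session: a random cookie and a random bearer token."""
    return {"cookie": secrets.token_hex(16), "token": secrets.token_urlsafe(32)}

def is_authenticated_weak(cookie: str, token: str, session: dict) -> bool:
    """Vulnerable: only position 0 of each credential is checked, so the
    effective key space collapses to (alphabet size)^2 guesses."""
    return (cookie[:1] == session["cookie"][:1]
            and token[:1] == session["token"][:1])

def is_authenticated_fixed(cookie: str, token: str, session: dict) -> bool:
    """Fixed: full-length comparison of both credentials. compare_digest keeps
    the timing independent of where the first mismatch occurs, so the check
    leaks nothing about partially correct guesses."""
    cookie_ok = hmac.compare_digest(cookie.encode(), session["cookie"].encode())
    token_ok = hmac.compare_digest(token.encode(), session["token"].encode())
    return cookie_ok and token_ok

def compare_checks(cookie: str, token: str, session: dict) -> tuple:
    """Return (weak_result, fixed_result) for one presented credential pair."""
    return (is_authenticated_weak(cookie, token, session),
            is_authenticated_fixed(cookie, token, session))

# Constructed sample session (fixed values so the behaviour is reproducible).
SAMPLE_SESSION = {"cookie": "a7f3c9e1d2b4085f6c1e9a3d5b7f2c40",
                  "token": "Zk8Qw2LpR9vT4nXy7sBd1Hc3Jm6Fg0Ka"}

if __name__ == "__main__":
    # Credentials that share only their first character with the real ones.
    forged_cookie = "a" + "0" * 31
    forged_token = "Z"
    print(compare_checks(forged_cookie, forged_token, SAMPLE_SESSION))  # (True, False)
    print(compare_checks(SAMPLE_SESSION["cookie"], SAMPLE_SESSION["token"],
                         SAMPLE_SESSION))                                # (True, True)
```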
Affected products and remediations: as for CVE-2025-4675 above.
Relevant CWE: CWE-303 Incorrect Implementation of Authentication Algorithm
Metrics: CVSS 3.1, base score 8.8 (HIGH), vector CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:F/RL:O/RC:U

CVE-2025-4677
No idle session timeout is configured for ports 23 and 502 on the device. An attacker can therefore open a large number of connections to the device and, because the device does not tear down idle connections, exhaust its resources and make them unavailable.
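As an added Python example (not ABB's code) of the control CVE-2025-4677 says is missing: a TCP listener that enforces an idle timeout on every accepted connection, plus a probe that reports whether a listener drops a silent connection within a given wait. The echo behaviour, the loopback listener and the timeout values are assumptions for illustration; they stand in for the device's port 23/502 services.

```python
import asyncio

# Added illustration, not ABB's firmware. CVE-2025-4677 is the absence of an idle
# session timeout on ports 23/502: a client that connects and stays silent keeps its
# slot forever. handle_client shows the missing control: a connection that sends
# nothing for idle_timeout seconds is closed. Echo stands in for the real service.

async def handle_client(reader, writer, idle_timeout: float) -> None:
    try:
        while True:
            try:
                data = await asyncio.wait_for(reader.read(256), timeout=idle_timeout)
            except asyncio.TimeoutError:
                break                      # idle too long: reclaim the connection
            if not data:
                break                      # peer closed
            writer.write(data)
            await writer.drain()
    finally:
        writer.close()
        await writer.wait_closed()

async def probe_idle_timeout(host: str, port: int, max_wait: float) -> bool:
    """Connect, stay silent, and report whether the listener closes the
    connection within max_wait seconds (True = idle timeout enforced)."""
    reader, writer = await asyncio.open_connection(host, port)
    try:
        try:
            data = await asyncio.wait_for(reader.read(1), timeout=max_wait)
        except asyncio.TimeoutError:
            return False                   # still open: no idle timeout in force
        return data == b""                 # EOF: listener dropped the idle connection
    finally:
        writer.close()
        try:
            await writer.wait_closed()
        except OSError:
            pass

async def _demo(idle_timeout: float, max_wait: float) -> bool:
    server = await asyncio.start_server(
        lambda r, w: handle_client(r, w, idle_timeout), "127.0.0.1", 0)
    port = server.sockets[0].getsockname()[1]
    async with server:
        return await probe_idle_timeout("127.0.0.1", port, max_wait)

def idle_timeout_enforced(idle_timeout: float, max_wait: float) -> bool:
    return asyncio.run(_demo(idle_timeout, max_wait))
```

`idle_timeout_enforced(0.2, 2.0)` returns True because the silent client is dropped after 0.2 s; with a listener timeout longer than the probe's wait it returns False, which is the affected device's behaviour.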
Affected products and remediations: as for CVE-2025-4675 above.
Relevant CWE: CWE-613 Insufficient Session Expiration
Metrics: CVSS 3.1, base score 6.5 (MEDIUM), vector CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:U

Acknowledgments
ABB PSIRT reported these vulnerabilities to CISA.

Notice
The information in this document is subject to change without notice, and should not be construed as a commitment by ABB. ABB provides no warranty, express or implied, including warranties of merchantability and fitness for a particular purpose, for the information contained in this document, and assumes no responsibility for any errors that may appear in this document.
In no event shall ABB or any of its suppliers be liable for direct, indirect, special, incidental or consequential damages of any nature or kind arising from the use of this document, or from the use of any hardware or software described in this document, even if ABB or its suppliers have been advised of the possibility of such damages. This document and parts hereof must not be reproduced or copied without written permission from ABB, and the contents hereof must not be imparted to a third party nor used for any unauthorized purpose. All rights to registrations and trademarks reside with their respective owners.

Frequently Asked Questions
What causes the vulnerability?
- The vulnerabilities are caused by code defects allowing the attacker to perform various unintended, unauthorized actions on the target device. Please look at the description of the respective vulnerabilities in section “Vulnerability severity and details” for further details.
What is WebPro SNMP Card PowerValue?
- The WebPro SNMP Card PowerValue provides a web server to monitor and manage multiple UPS products in a networked environment. It can detect temperature and humidity of the environment by connecting to an EMD (Environmental Monitoring Device). It can not only prevent data loss from power outages and safely shut down systems, but also store programming data and schedule shutdowns of the UPS. All UPS warning and fault event records can be kept in the WebPro SNMP Card PowerValue.
What might an attacker use the vulnerability to do?
Indicators of Compromise
- cve — CVE-2025-4675
- cve — CVE-2025-4676
- cve — CVE-2025-4677
- email — ch.ups.digital@abb.com