Summary
Successful exploitation of this vulnerability could allow an attacker to bypass user authentication on OPTIMAX installations that make use of the Azure Active Directory Single-Sign On integration.
The following versions of ABB Ability OPTIMAX are affected:
- ABB Ability OPTIMAX 6.1 vers:all/*
- ABB Ability OPTIMAX 6.2 vers:all/*
- ABB Ability OPTIMAX 6.3 <6.3.1-251120
- ABB Ability OPTIMAX 6.4 <6.4.1-251120
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3 8.1 | ABB | ABB Ability OPTIMAX | Incorrect Implementation of Authentication Algorithm |
Background
- Critical Infrastructure Sectors: Energy, Water and Wastewater
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: Switzerland
Vulnerabilities
CVE-2025-14510
The vulnerability allows an attacker to bypass user authentication on OPTIMAX installations that make use of the Azure Active Directory Single-Sign On integration.
Affected Products
- Vendor: ABB
- Product: ABB Ability OPTIMAX
- Product versions: ABB Ability OPTIMAX 6.1: vers:all/*, ABB Ability OPTIMAX 6.2: vers:all/*, ABB Ability OPTIMAX 6.3: <6.3.1-251120, ABB Ability OPTIMAX 6.4: <6.4.1-251120
- Product status: known_affected
Remediations
Mitigation
The following product versions have been fixed:
Ability OPTIMAX 6.3: 6.3.1-251120 is a fixed version for CVE-2025-14510.
Mitigation
For more information see the associated ABB PSIRT security advisory 9AKK108472A1331 ABB CYBERSECURITY ADVISORY – PDF Version (https://search.abb.com/library/Download.aspx?DocumentID=9AKK108472A1331&LanguageCode=en&DocumentPartId=&Action=Launch), ABB CYBERSECURITY ADVISORY – CSAF Version (https://psirt.abb.com/csaf/2026/9akk108472a1331.json).
Relevant CWE: CWE-303 Incorrect Implementation of Authentication Algorithm
Metrics
| CVSS Version | Base Score | Base Severity | Vector String |
|---|---|---|---|
| 3.1 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Acknowledgments
- ABB PSIRT reported this vulnerability to CISA
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability.
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Locate
[…]