ABB Patches Critical T-MAC Plus Terminal System Flaws

Understanding the Management Vulnerabilities

Industrial operator ABB recently issued an urgent security update to address several ABB T-MAC Plus vulnerabilities. These security flaws threaten terminal infrastructure by allowing unauthorized actions. Specifically, attackers can exploit these bugs to access private system records. Consequently, the vendor advises immediate patching to protect industrial endpoints.

The affected software serves as a core Terminal Management System (TMS) for chemical and petroleum installations. However, the discovered defects expose critical administrative web applications to serious operational risks. Specifically, tracked as CVE-2025-14771 (CVSS 9.9), a file disclosure bug allows authenticated users to exfiltrate database records via crafted HTTP requests. Furthermore, a broken access control defect (CVE-2025-14772) creates a dangerous privilege escalation path within the web panel. According to the official advisory text:

“Broken access controls in ABB T-MAC Plus web application allow unprivileged users to perform administrative operations”

Therefore, an authenticated user with low privileges can execute high-level tasks undetected. As a result, internal corporate threat vectors expand significantly.

Assessing the Impact and Mitigations

Card Reader Disruptions

In addition to web-based issues, the system suffers from protocol weaknesses. For instance, CVE-2025-14774 targets the underlying card reader communications daemon. An unauthenticated attacker can execute a denial-of-service attack to block active hardware units. Fortunately, exploiting these hardware-level ABB T-MAC Plus vulnerabilities requires local physical network access. The document highlights the strict conditions for this exploit:

“Insecure network protocol in ABB T-MAC Plus allows unauthenticated attackers to perform a denial-of-service (DoS) of the Card Reader service.”

Consequently, maintaining strict physical perimeter safety remains a vital defensive hurdle.

Recommended Remediation Steps

To resolve these critical terminal system flaws, asset owners must implement vendor patches swiftly. For example, ABB has fully corrected the core configuration flaws in T-MAC Plus version 4.0-25. Additionally, security managers must isolate special-purpose automation networks behind robust firewalls. This practice effectively prevents cross-contamination from general corporate office systems. You should also enforce strict least-privilege rules to restrict access across user tiers. Ultimately, rapid deployment of official firmware updates represents the single best defense against local data tampering.