CVE-2025-9574NVD

Vulnerability Summary

Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8 IP.This issue affects .

All firmware versions with the Serial Number from 2000 to 5166

Severity Level

CRITICAL(9.9)

Published Date

Oct 20, 2025

Last Modified

Oct 20, 2025

Exploitation Status

????

EPSS Score (30-Day)

Data Pending

Root Weakness (CWE)

CWE-306: Unknown/Unlisted Weakness ↗

Refer to the official MITRE database for detailed architectural specifications regarding this weakness.

CVSS v4.0 Base Metrics

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredNone

User InteractionNone

External References

https://search.abb.com/library/Download.aspx?DocumentID=4TZ00000006007&LanguageCode=en&DocumentPartId=PDF&Action=Launch

Critical Alert 1 Active Exploit Detected Today

CVE Watchtower

CVE-2025-9574NVD

Vulnerability Summary

External References