CP
cyberpings
VulnerabilitiesHIGH

ABB Issues Security Advisory for AWIN Gateways Vulnerabilities

CCCanadian Cyber Centre Alerts
CVE-2025-13777CVE-2025-13778CVE-2025-13779AWIN GW100AWIN GW120
🎯

Basically, ABB found security flaws in some of their products and issued a warning.

Quick Summary

ABB has issued a security advisory for vulnerabilities in AWIN Gateways. Users of these products are at risk of unauthorized access. Immediate action is recommended to safeguard critical systems.

The Flaw

On March 11, 2026, ABB released a security advisory detailing critical vulnerabilities in their AWIN Gateway products. The affected devices include the AWIN GW100 rev.2 (versions 2.0-0 to 2.0-1) and the AWIN GW120 (versions 1.2-0 to 1.2-1). These vulnerabilities are related to the embedded webserver within these gateways, which could potentially expose systems to unauthorized access.

The vulnerabilities are identified by the CVE IDs: CVE?-2025-13777, CVE?-2025-13778, and CVE?-2025-13779. Each of these vulnerabilities poses significant risks, as they can be exploited by attackers to gain control over the affected devices, leading to potential disruptions in critical control systems.

What's at Risk

The AWIN Gateways are integral to various control systems, particularly in industrial settings. If exploited, these vulnerabilities could allow attackers to manipulate processes, disrupt operations, or even compromise sensitive data. Industrial control systems are vital for maintaining safety and efficiency in manufacturing and utility services, making these vulnerabilities a serious concern.

The potential impact extends beyond just ABB's customers; it could affect entire industries relying on these systems. The security of critical infrastructure is paramount, and vulnerabilities in such systems can lead to widespread consequences.

Patch Status

ABB has encouraged users and administrators to review the advisory and take the necessary steps to mitigate these vulnerabilities. While specific patches? or updates were not detailed in the advisory, it is crucial for users to monitor ABB's communications for updates on remediation.

The Cyber Centre has also emphasized the importance of implementing the suggested mitigations? as soon as possible. Users should prioritize applying updates and reviewing security configurations to safeguard their systems against potential exploitation.

Immediate Actions

To protect against these vulnerabilities, users of the affected AWIN Gateway products should:

  • Review the ABB security advisory and associated links for detailed information.
  • Implement any recommended mitigations? immediately.
  • Regularly check for updates from ABB regarding patches? or additional security measures.

By taking these proactive steps, users can significantly reduce the risk of exploitation and ensure the integrity of their control systems. Security in industrial environments is not just about technology; it’s about maintaining trust and safety in operations.

💡 Tap dotted terms for explanations

🔒 Pro insight: The vulnerabilities in ABB's AWIN Gateways reflect a growing trend of targeting embedded systems in industrial environments, necessitating immediate patching efforts.

Original article from

Canadian Cyber Centre Alerts

Read Full Article

Share

Related Pings

HIGHVulnerabilities

Windows 11 Bug Locks Users Out of System Drive C

A critical bug in Windows 11 is locking users out of their system drives. Affected Samsung devices are unable to access essential applications. Microsoft is investigating the issue and advises users to wait for a patch.

Cyber Security News·
HIGHVulnerabilities

Critical Coruna Flaw Fixed for Older iPhones and iPads

Apple has issued critical updates for older iPhones and iPads to fix the Coruna flaw. This vulnerability could expose sensitive data, making it essential for users to update their devices. Protect yourself by ensuring your device is up to date.

SC Media·
HIGHVulnerabilities

Cisco Catalyst SD-WAN Vulnerability Under Active Exploitation

CISA warns of a critical vulnerability in Cisco Catalyst SD-WAN systems. Federal agencies must act quickly to secure their networks. This flaw poses serious risks to sensitive data and operations.

SC Media·
MEDIUMVulnerabilities

Windows Autopatch to Default to Hotpatch Security Updates

Microsoft will soon enable hotpatch security updates by default for Windows Autopatch users. This change affects devices running Windows 11 version 24H2 or later. It aims to speed up security updates without requiring reboots, enhancing user experience and security.

SC Media·
HIGHVulnerabilities

Google Chrome Flaws Added to CISA's Exploited Vulnerabilities List

CISA has added two high-severity Google Chrome vulnerabilities to its Known Exploited Vulnerabilities catalog. Millions of users are at risk, as these flaws have already been exploited in the wild. Immediate updates and awareness are crucial to protect against potential attacks.

Security Affairs·
HIGHVulnerabilities

Old Industrial Controllers Spark Bidding War on eBay

A bidding war on eBay for 30-year-old industrial controllers raises cybersecurity concerns. These outdated systems pose risks to critical infrastructure. Immediate action is needed to secure them.

Dark Reading·