ABB WebPro SNMP Card PowerValue Vulnerabilities Expose Critical Infrastructure
**ABB** has addressed multiple vulnerabilities in its WebPro SNMP Card PowerValue, a product widely deployed in critical infrastructure sectors. Successful exploitation could allow an attacker to bypass authentication on the card's web HMI or to take its Modbus and Telnet services offline (denial of service). The advisory urges users to update to the latest firmware.
### Vulnerability Details
The vulnerabilities, discovered internally by **ABB**, affect the following versions:
* WebPro SNMP Card <=1.1.8.k, 1.1.8.p
Successful exploitation could grant attackers unauthorized access, cause resource unavailability due to insufficient session expiration, or trigger denial-of-service attacks through uncontrolled resource consumption.
| CVSS | Vendor | Equipment | Vulnerabilities |
| :--- | :--- | :--- | :--- |
| v3 8.8 | **ABB** | WebPro SNMP Card PowerValue | Improper Check for Unusual or Exceptional Conditions (CWE-754), Incorrect Implementation of Authentication Algorithm (CWE-303), Insufficient Session Expiration (CWE-613) |
### Affected Sectors
The **ABB** WebPro SNMP Card PowerValue is deployed across various critical infrastructure sectors, including:
* Chemical
* Communications
* Critical Manufacturing
* Dams
* Energy
* Healthcare and Public Health
* Information Technology
* Water and Wastewater
This widespread deployment means that vulnerabilities in this product could have far-reaching consequences.
### Specific Vulnerabilities
The advisory details three specific vulnerabilities:
#### **CVE-2025-4675**: Improper Check for Unusual or Exceptional Conditions
The Modbus (slave) protocol implementation contains an error that causes instability on TCP port 502 and renders the Modbus service unavailable until the device is manually rebooted.
[View CVE Details](https://www.cve.org/CVERecord?id=CVE-2025-4675)
##### Affected Products
**ABB** WebPro SNMP Card PowerValue <=1.1.8.k
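The page does not say what input triggers the fault, so nothing here reproduces it. What an operator can do is detect the resulting state: a card whose Modbus service has wedged stops answering on port 502, and a poller will see timeouts or refused connections instead of replies. The following availability probe is an added example written for this page, not ABB code: it builds a Modbus TCP Function Code 3 (Read Holding Registers) request, parses the reply, and classifies a normal reply or a Modbus exception as "service up" and a timeout, closed socket or refused connection as "service down". Unit ID 1 and register address 0 are assumptions, and the sample frames are constructed rather than captured from a device.

```python
import socket
import struct

MODBUS_TCP_PORT = 502
EXCEPTION_NAMES = {1: "ILLEGAL_FUNCTION", 2: "ILLEGAL_DATA_ADDRESS",
                   3: "ILLEGAL_DATA_VALUE", 4: "SLAVE_DEVICE_FAILURE"}


def build_read_holding_registers(tid: int, unit_id: int, start_addr: int, quantity: int) -> bytes:
    """Modbus TCP frame = MBAP header (transaction id, protocol id 0, length, unit id)
    followed by the PDU (function 0x03, start address, register count)."""
    pdu = struct.pack(">BHH", 0x03, start_addr, quantity)
    mbap = struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit_id)   # length counts unit id + PDU
    return mbap + pdu


def parse_response(frame: bytes, expected_tid: int) -> dict:
    """Classify a response frame as ok / exception / malformed."""
    if len(frame) < 9:
        return {"status": "malformed", "reason": "short frame"}
    tid, proto, length, _unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0 or tid != expected_tid or length != len(frame) - 6:
        return {"status": "malformed", "reason": "bad MBAP header"}
    fc = frame[7]
    if fc & 0x80:                                     # exception response: FC | 0x80, then code
        code = frame[8]
        return {"status": "exception", "function": fc & 0x7F,
                "code": code, "name": EXCEPTION_NAMES.get(code, "UNKNOWN")}
    if fc == 0x03:
        byte_count = frame[8]
        data = frame[9:9 + byte_count]
        if len(data) != byte_count or byte_count % 2:
            return {"status": "malformed", "reason": "bad byte count"}
        return {"status": "ok", "registers": list(struct.unpack(">%dH" % (byte_count // 2), data))}
    return {"status": "malformed", "reason": "unexpected function %#x" % fc}


def _recv_exact(sock, n: int) -> bytes:
    """Read exactly n bytes, or fewer if the peer closes first."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            break
        buf += chunk
    return buf


def probe_modbus(host: str, port: int = MODBUS_TCP_PORT, unit_id: int = 1,
                 start_addr: int = 0, quantity: int = 1, timeout: float = 3.0) -> dict:
    """One FC3 read against the card. 'ok' or 'exception' means the Modbus service is
    answering; 'timeout', 'closed' or 'unreachable' is the symptom to alert on."""
    tid = 0x1234
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            s.sendall(build_read_holding_registers(tid, unit_id, start_addr, quantity))
            header = _recv_exact(s, 7)
            if len(header) < 7:
                return {"status": "closed"}
            length = struct.unpack(">H", header[4:6])[0]
            if length < 2:
                return {"status": "malformed", "reason": "bad MBAP length"}
            frame = header + _recv_exact(s, length - 1)
    except socket.timeout:
        return {"status": "timeout"}
    except OSError as exc:
        return {"status": "unreachable", "reason": str(exc)}
    return parse_response(frame, tid)


# Constructed sample frames (not captured from a device) for offline checking.
SAMPLE_REQUEST = bytes.fromhex("1234 0000 0006 01 03 0000 0002")
SAMPLE_OK_RESPONSE = bytes.fromhex("1234 0000 0007 01 03 04 0010 0020")      # two registers: 16, 32
SAMPLE_EXCEPTION_RESPONSE = bytes.fromhex("1234 0000 0003 01 83 02")        # FC3 exception, illegal address

if __name__ == "__main__":
    print(parse_response(SAMPLE_OK_RESPONSE, 0x1234))
    print(probe_modbus("192.0.2.10", timeout=1.0))   # documentation address; replace with the card's IP
```

An exception reply such as ILLEGAL_DATA_ADDRESS is still a healthy sign for this purpose: the Modbus stack parsed the request and answered. Only the transport-level failures indicate the wedged state described for this CVE, and a monitoring job that alerts on consecutive failures gives operators a reason to schedule the reboot and the firmware update.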
#### **CVE-2025-4676**: Incorrect Implementation of Authentication Algorithm
The device's web HMI authenticates users by comparing only the first character of the supplied session cookie and authentication token against the expected values. Because a single character has at most 256 possible byte values (far fewer if the token alphabet is restricted), an attacker can guess a valid first character in a handful of requests and bypass authentication by brute force, regardless of how long the token is.
[View CVE Details](https://www.cve.org/CVERecord?id=CVE-2025-4676)
##### Affected Products
**ABB** WebPro SNMP Card PowerValue <=1.1.8.k
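To make the flaw concrete, here is an added example that is not ABB's code (the card's actual token format and comparison routine are not published on this page). It models a check that compares only the first character beside a full-length constant-time comparison, and counts how many guesses a first-character brute force needs against each. The token alphabet and length are assumptions.

```python
import hmac
import secrets
import string

# Assumed token alphabet for the illustration; the real card's format is not documented here.
TOKEN_ALPHABET = string.ascii_letters + string.digits


def flawed_token_check(presented: str, expected: str) -> bool:
    """Hypothetical reconstruction of the CVE-2025-4676 behaviour: only the first
    character of the presented session cookie/token is compared."""
    if not presented or not expected:
        return False
    return presented[0] == expected[0]


def hardened_token_check(presented: str, expected: str) -> bool:
    """Compare the entire token in constant time. Tokens are fixed-length, so the
    early length check leaks nothing useful."""
    if len(presented) != len(expected):
        return False
    return hmac.compare_digest(presented.encode("utf-8"), expected.encode("utf-8"))


def generate_token(length: int = 32) -> str:
    """Server-side token generation with a CSPRNG (secrets), not random.random."""
    return "".join(secrets.choice(TOKEN_ALPHABET) for _ in range(length))


def brute_force_first_char(check, expected: str):
    """Attacker's loop: vary only the first character, fill the rest with junk,
    and stop at the first accepted candidate. Returns (bypassed, attempts)."""
    attempts = 0
    junk_tail = "#" * (len(expected) - 1)   # '#' is outside TOKEN_ALPHABET, so the tail is always wrong
    for ch in TOKEN_ALPHABET:
        attempts += 1
        if check(ch + junk_tail, expected):
            return True, attempts
    return False, attempts
```

Against the flawed check the effective keyspace is the size of the alphabet (62 here), no matter how long the token is, so the bypass lands within 62 requests. Against the full comparison the same loop exhausts the alphabet without success, and the remaining keyspace is 62^32. A proper fix also rate-limits failed authentications and rotates the session token on login, but the comparison is the root cause.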
#### **CVE-2025-4677**: Insufficient Session Expiration
No idle session timeout is configured for the Telnet (port 23) and Modbus (port 502) services, so connections that go silent are never closed. An attacker can open many connections and simply leave them idle, exhausting the device's connection resources and denying service to legitimate clients.
[View CVE Details](https://www.cve.org/CVERecord?id=CVE-2025-4677)
##### Affected Products
**ABB** WebPro SNMP Card PowerValue <=1.1.8.k
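To show what the missing timeout means in practice, here is an added example written for this page; it is not the card's firmware. A small TCP listener stands in for a Telnet or Modbus service. With `idle_timeout=None` it behaves like the vulnerable card and keeps every silent connection forever; with a timeout and a connection cap, idle sessions are reaped and excess connections are refused. `simulate_idle_flood` opens a batch of loopback connections that never send a byte and reports what the service did. The echo behaviour and the numeric limits are assumptions.

```python
import selectors
import socket
import threading
import time


class TcpService:
    """Constructed stand-in for a device listener such as Telnet (23) or Modbus (502).
    idle_timeout=None reproduces the CVE-2025-4677 condition: idle sessions are never closed.
    With a timeout, silent connections are reaped and a hard cap bounds resource usage."""

    def __init__(self, idle_timeout, max_clients=8):
        self.idle_timeout = idle_timeout
        self.max_clients = max_clients
        self.sel = selectors.DefaultSelector()
        self.listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        self.listener.bind(("127.0.0.1", 0))            # ephemeral port on loopback
        self.listener.listen(64)
        self.listener.setblocking(False)
        self.port = self.listener.getsockname()[1]
        self.sel.register(self.listener, selectors.EVENT_READ)
        self.last_activity = {}                         # conn -> monotonic time of last received byte
        self.accepted = self.rejected = self.reaped = 0
        self._stop = threading.Event()

    def _close(self, conn):
        self.sel.unregister(conn)
        self.last_activity.pop(conn, None)
        conn.close()

    def serve(self):
        while not self._stop.is_set():
            for key, _ in self.sel.select(timeout=0.05):
                if key.fileobj is self.listener:
                    try:
                        conn, _ = self.listener.accept()
                    except BlockingIOError:
                        continue
                    if len(self.last_activity) >= self.max_clients:
                        self.rejected += 1              # cap reached: refuse instead of exhausting
                        conn.close()
                        continue
                    conn.setblocking(False)
                    self.sel.register(conn, selectors.EVENT_READ)
                    self.last_activity[conn] = time.monotonic()
                    self.accepted += 1
                else:
                    conn = key.fileobj
                    try:
                        data = conn.recv(1024)
                    except OSError:
                        data = b""
                    if not data:                        # peer closed
                        self._close(conn)
                        continue
                    self.last_activity[conn] = time.monotonic()
                    conn.sendall(data)                  # echo stands in for the real protocol handler
            if self.idle_timeout is not None:           # the reaping step the vulnerable firmware lacks
                now = time.monotonic()
                for conn, ts in list(self.last_activity.items()):
                    if now - ts > self.idle_timeout:
                        self.reaped += 1
                        self._close(conn)
        for conn in list(self.last_activity):
            self._close(conn)
        self.sel.unregister(self.listener)
        self.listener.close()
        self.sel.close()

    def stop(self):
        self._stop.set()


def simulate_idle_flood(n_clients, idle_timeout, max_clients=8):
    """Open n_clients connections that never send anything, wait past the idle timeout,
    and report what the service did. Returns a dict with the observed counters."""
    svc = TcpService(idle_timeout, max_clients)
    thread = threading.Thread(target=svc.serve, daemon=True)
    thread.start()
    clients = [socket.create_connection(("127.0.0.1", svc.port), timeout=2) for _ in range(n_clients)]
    time.sleep(0.2)                                     # let the server drain its accept backlog
    time.sleep((idle_timeout or 0.3) + 0.4)             # sit idle past the timeout
    # Did the first (accepted) client get disconnected? On the vulnerable config it just hangs.
    clients[0].settimeout(0.5)
    try:
        first_client_closed = clients[0].recv(1) == b""
    except socket.timeout:
        first_client_closed = False
    except OSError:
        first_client_closed = True
    svc.stop()
    thread.join()
    for c in clients:
        c.close()
    return {"accepted": svc.accepted, "rejected": svc.rejected,
            "reaped": svc.reaped, "first_client_closed": first_client_closed}


if __name__ == "__main__":
    print("vulnerable:", simulate_idle_flood(5, idle_timeout=None))
    print("hardened:  ", simulate_idle_flood(20, idle_timeout=0.3, max_clients=8))
```

Two controls work together here: the idle timer frees connections that an attacker (or a crashed client) abandons, and the cap guarantees a bound on what a flood can hold open. On the affected card neither is operator-configurable; the fix is the firmware update, which is why the example models the server side rather than a client-side workaround.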
### Mitigation
**ABB** strongly advises customers to update to the latest firmware version of the affected products. The update addresses all three vulnerabilities described in the advisory.
### Recommended Practices
CISA recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities.
* Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
* Locate control system networks and remote devices behind firewalls and isolate them from business networks.
* When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.