PatchSiren cyber security CVE debrief
CVE-2022-43750 ABB CVE debrief
CVE-2022-43750 is a Linux kernel usbmon issue that can corrupt the monitor’s internal memory. In the supplied ABB advisory, CISA maps the CVE to ABB M2M Gateway ARM600 and ABB M2M Gateway SW, with affected version ranges listed in the source. The stated outcomes are denial of service and information disclosure, and the supplied CVSS vector indicates a local attack path requiring high privileges.
- Vendor: ABB
- Product: ABB M2M Gateway ARM600
- CVSS: MEDIUM 6.7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-02-11
- Original CVE updated: 2025-05-06
- Advisory published: 2025-02-11
- Advisory updated: 2025-05-06
Who should care
OT and industrial-control administrators running ABB M2M Gateway ARM600 or ABB M2M Gateway SW in the affected ranges should review the advisory, especially teams that expose remote administration paths, maintain VPN access, or manage the surrounding host and network hardening. Security teams responsible for Linux-based gateway components should also review the advisory.
Technical summary
The source description says drivers/usb/mon/mon_bin.c in usbmon can let a user-space client corrupt internal monitor memory. The advisory data associates the CVE with ABB M2M Gateway ARM600 firmware versions 4.1.2 through 5.0.3 and ABB M2M Gateway SW versions 5.0.1 through 5.0.3. The CVSS vector supplied with the record is CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:C, which points to a locally reachable issue that requires high privileges and can have high confidentiality, integrity, and availability impact.
Defensive priority
Medium
Recommended defensive actions
- Limit exposure of ARM600 to the internet; if remote access is necessary, open only the VPN port and avoid exposing management services directly.
- Use a private cellular APN or a DMZ design for remote connectivity where supported by your deployment model.
- Apply firewall allowlisting so only required ports, protocols, and hosts are permitted.
- Change default credentials, use strong non-reused passwords, and restrict root or administrator use to tasks that require it.
- Follow ABB’s cyber security deployment guidance and user manuals for installation, operation, hardening, and decommissioning.
- Use continuous monitoring and intrusion detection/prevention to watch for anomalies affecting the gateway or its connected environment.
Evidence notes
This debrief is based on the supplied CISA CSAF advisory ICSA-25-105-08, published 2025-04-07, plus the linked official CVE and NVD records. The source explicitly ties CVE-2022-43750 to ABB M2M Gateway ARM600 and ABB M2M Gateway SW and provides version ranges and mitigations. No KEV entry or ransomware-campaign data was supplied. The advisory text describes a Linux kernel usbmon memory corruption condition that can lead to denial of service or information disclosure.
Official resources
- CVE-2022-43750 CVE record (CVE.org)
- CVE-2022-43750 NVD detail (NVD)
- Source item URL (cisa_csaf)
Publicly disclosed in the CISA CSAF advisory ICSA-25-105-08 on 2025-04-07; official CVE and NVD records are also available.