PatchSiren cyber security CVE debrief
CVE-2023-5869 ABB CVE debrief
CVE-2023-5869 affects ABB Ability Symphony Plus S+ Engineering versions 2.2 through 2.4 SP2 and is rated high severity (CVSS v3.1 8.8). According to the advisory, an authenticated PostgreSQL user can supply crafted data that triggers an integer overflow caused by a missing overflow check, which can lead to arbitrary code execution within the database server. The identifier is the upstream PostgreSQL CVE; the database ships bundled with S+ Engineering, so the fix is delivered through the ABB release rather than through a separate database patch. ABB's guidance is to upgrade affected systems to S+ Engineering 2.4 SP2 RU1 or later and, where an immediate upgrade is not possible, to restrict access to the S+ client/server network with network segmentation and perimeter firewall controls.
- Vendor: ABB
- Product: Ability Symphony Plus (S+ Engineering 2.2 through 2.4 SP2)
- CVSS: HIGH 8.8 (v3.1)
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-04-13
- Original CVE updated: 2026-04-30
- Advisory published: 2026-04-13
- Advisory updated: 2026-04-30
Who should care
Operators, engineers, and defenders responsible for ABB Ability Symphony Plus S+ Engineering deployments in industrial control environments should care, particularly where accounts other than the product's own hold PostgreSQL credentials, or where the S+ client/server network is reachable from outside tightly controlled segments. Because the flaw requires authenticated database access, the set of hosts and accounts that can authenticate to the bundled PostgreSQL server defines the realistic attack surface.
Technical summary
The vulnerability is an integer overflow (CWE-190) in the PostgreSQL database shipped with ABB Ability Symphony Plus S+ Engineering 2.2 through 2.4 SP2. An attacker holding valid PostgreSQL user credentials can supply crafted data that the server processes without an overflow check; the resulting overflow can corrupt memory and lead to arbitrary code execution. The source assigns CVSS v3.1 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H): PR:L reflects the database credentials the attacker must already hold, and AV:N reflects that the database is reachable over the S+ client/server network. ABB states that exploitation requires access to that network and that no workaround is available; the network restrictions it recommends reduce exposure but do not remove the flaw, so they are a stopgap until the upgrade is applied.
Defensive priority
High — verify whether ABB Ability Symphony Plus S+ Engineering is deployed, then upgrade to 2.4 SP2 RU1 or later as soon as possible and restrict S+ client/server network access until remediation is complete.
Recommended defensive actions
- Inventory ABB Ability Symphony Plus S+ Engineering installations, confirm whether any affected versions (2.2 through 2.4 SP2) are in use, and record which hosts and accounts can authenticate to the bundled PostgreSQL server, since the flaw requires authenticated database access.
- Upgrade S+ Engineering 2.2 through 2.4 SP2 to S+ Engineering 2.4 SP2 RU1 or later, per ABB guidance.
- If upgrading cannot be done immediately, apply ABB’s mitigation guidance by restricting access to the S+ client/server network and enforcing perimeter firewall and network segmentation controls.
- Follow ABB and CISA industrial control system security recommendations for defense in depth and site-specific risk reduction.
- Treat the issue as requiring prompt action because ABB indicates no workaround is available.
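The following Python script is an added example for this debrief, not ABB or PostgreSQL project code. It applies the version range and fixed release named in the advisory to a small inventory and cross-checks the bundled database against the PostgreSQL minors that fixed CVE-2023-5869 upstream (16.1, 15.5, 14.10, 13.13, 12.17 and 11.22, taken from the PostgreSQL release notes rather than from the ABB advisory). Two things are assumed rather than stated by ABB: that S+ Engineering versions are written "MAJOR.MINOR [SPn] [RUn]" and order by those four components, and the host names and version strings in the inventory, which are constructed for illustration.

```python
"""Triage helper for CVE-2023-5869 in ABB Ability Symphony Plus S+ Engineering.

Added example for this debrief; not ABB or PostgreSQL project code.
Assumptions not stated in the advisory:
  * S+ Engineering versions are written "MAJOR.MINOR[ SPn][ RUn]" and order
    by (major, minor, service pack, rollup): 2.4 < 2.4 SP2 < 2.4 SP2 RU1.
  * The PostgreSQL minors that fixed CVE-2023-5869 upstream are 16.1, 15.5,
    14.10, 13.13, 12.17 and 11.22 (PostgreSQL release notes, not ABB's text).
    The ABB release is still the authoritative fix for the bundled database.
"""
import re
from typing import Dict, List, NamedTuple, Tuple


class SPlusVersion(NamedTuple):
    major: int
    minor: int
    sp: int
    ru: int


_SPLUS_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\s+SP(\d+))?(?:\s+RU(\d+))?\s*$", re.I)

# Range from the advisory: 2.2 through 2.4 SP2 affected, 2.4 SP2 RU1 or later fixed.
AFFECTED_FROM = SPlusVersion(2, 2, 0, 0)
FIXED_FROM = SPlusVersion(2, 4, 2, 1)


def parse_splus_version(text: str) -> SPlusVersion:
    """Turn '2.4 SP2 RU1' into (2, 4, 2, 1); a missing SP or RU counts as 0."""
    m = _SPLUS_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised S+ Engineering version: {text!r}")
    major, minor, sp, ru = m.groups()
    return SPlusVersion(int(major), int(minor), int(sp or 0), int(ru or 0))


def splus_status(text: str) -> str:
    """'affected', 'fixed', or 'not-in-advisory-range' for releases older than 2.2."""
    v = parse_splus_version(text)
    if v < AFFECTED_FROM:
        return "not-in-advisory-range"  # advisory is silent on these; verify with ABB
    return "fixed" if v >= FIXED_FROM else "affected"


# Upstream fixed minors (see module docstring). 17+ was released after the fix;
# 10.x and older were end-of-life at the time and never received it.
PG_FIXED_MINOR: Dict[int, int] = {16: 1, 15: 5, 14: 10, 13: 13, 12: 17, 11: 22}
_PG_RE = re.compile(r"PostgreSQL (\d+)(?:\.(\d+))?")


def parse_pg_version(version_string: str) -> Tuple[int, int]:
    """Extract (major, minor) from the text returned by SELECT version()."""
    m = _PG_RE.search(version_string)
    if not m:
        raise ValueError(f"no PostgreSQL version in {version_string!r}")
    return int(m.group(1)), int(m.group(2) or 0)


def pg_status(version_string: str) -> str:
    """'fixed' if the server minor is at or above the upstream fix, else 'affected'."""
    major, minor = parse_pg_version(version_string)
    if major >= 17:
        return "fixed"
    fixed_minor = PG_FIXED_MINOR.get(major)
    if fixed_minor is None:
        return "affected"
    return "fixed" if minor >= fixed_minor else "affected"


# Constructed inventory, not real hosts: (host, S+ Engineering version, SELECT version()).
CONSTRUCTED_INVENTORY = [
    ("eng-ws-01", "2.4 SP2", "PostgreSQL 14.9 on x86_64-pc-linux-gnu, compiled by gcc"),
    ("eng-ws-02", "2.4 SP2 RU1", "PostgreSQL 14.10 on x86_64-pc-linux-gnu, compiled by gcc"),
    ("eng-ws-03", "2.3 SP1", "PostgreSQL 12.16 on x86_64-pc-linux-gnu, compiled by gcc"),
]


def triage(inventory=CONSTRUCTED_INVENTORY) -> List[Dict[str, str]]:
    """Per host: the product status drives the action; the database status is a
    cross-check only (a newer-looking PostgreSQL does not replace the ABB release)."""
    rows = []
    for host, splus, pgver in inventory:
        product = splus_status(splus)
        if product == "affected":
            action = "upgrade to 2.4 SP2 RU1 or later; restrict S+ client/server network until done"
        elif product == "fixed":
            action = "none for this CVE"
        else:
            action = "outside advisory range; confirm status with ABB"
        rows.append({"host": host, "product": product,
                     "database": pg_status(pgver), "action": action})
    return rows


if __name__ == "__main__":
    for row in triage():
        print(row)
```

Run the script against an export of your own inventory in place of CONSTRUCTED_INVENTORY. Treat any host whose product status is "affected" as in scope regardless of what the database column says, and treat a host whose database column says "affected" while the product column says "fixed" as a prompt to confirm the installed release with ABB rather than as a contradiction to resolve yourself.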
Evidence notes
This debrief is based on the CISA-republished CSAF advisory ICSA-26-120-06 and the referenced ABB PSIRT advisory materials. The source states that CVE-2023-5869 affects ABB Ability Symphony Plus S+ Engineering versions 2.2 through 2.4 SP2, describes the flaw as a missing overflow check leading to integer overflow, and notes that exploitation requires access to the S+ client/server network. Remediation guidance in the source is to upgrade to 2.4 SP2 RU1 or later; the source also states that no workaround is available.
Official resources
- CVE-2023-5869 CVE record (CVE.org)
- CVE-2023-5869 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
The CISA CSAF advisory for CVE-2023-5869 was first published on 2026-04-13 and updated on 2026-04-30 to republish the ABB PSIRT advisory content. Use the published CVE/advisory dates, not any later publication or review timing, when summar.