PatchSiren cyber security CVE debrief
CVE-2025-14510 ABB CVE debrief
ABB Ability OPTIMAX installations that use Azure Active Directory Single-Sign On are affected by an authentication bypass. CISA published the advisory on 2026-01-16 and republished ABB PSIRT material on 2026-04-30; the vendor states the issue is fixed in 6.3.1-251120 and 6.4.1-251120 or later.
- Vendor
- ABB
- Product
- Ability OPTIMAX
- CVSS
- HIGH 8.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-01-16
- Original CVE updated
- 2026-04-30
- Advisory published
- 2026-01-16
- Advisory updated
- 2026-04-30
Who should care
OT/ICS security teams, ABB Ability OPTIMAX administrators, and identity/access management owners responsible for deployments that use Azure Active Directory SSO—especially environments still running 6.1, 6.2, or older 6.3/6.4 builds.
Technical summary
The advisory describes a network-reachable authentication bypass affecting OPTIMAX when Azure Active Directory SSO is enabled. ABB lists three exploitation preconditions: the system must be integrated with Azure AD, the attacker must have a network communication channel to OPTIMAX, and the attacker must know a valid non-default username on the system. The published CVSS vector is CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating potentially severe impact if the vulnerable path is reachable.
Defensive priority
High. Prioritize remediation on any OPTIMAX instance that uses Azure AD SSO, because successful abuse can defeat user authentication and the score reflects high confidentiality, integrity, and availability impact.
Recommended defensive actions
- Inventory and confirm which OPTIMAX systems use Azure Active Directory SSO.
- Identify installed versions and compare them with ABB's fixed releases, 6.3.1-251120 and 6.4.1-251120 or later.
- Apply vendor updates as soon as feasible; for older 6.3/6.4 installations, follow ABB's guidance to update the operating system, and for unsupported 6.1/6.2 systems contact ABB for a migration path.
- Limit network reachability to OPTIMAX and keep OT access segmented while remediation is pending.
- Review authentication and access logs for unusual or unexpected successful logins on affected systems.
- Follow ABB and CISA industrial control system hardening guidance for general security recommendations.
Evidence notes
Based on CISA CSAF ICSA-26-120-04 republishing ABB PSIRT advisory 9AKK108472A1331. The source explicitly states the issue is corrected in ABB Ability OPTIMAX 6.3.1-251120 and 6.4.1-251120 or later, and that exploitation requires Azure AD integration, network access, and knowledge of a valid username. No KEV entry was provided in the supplied data.
Official resources
-
CVE-2025-14510 CVE record
CVE.org
-
CVE-2025-14510 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
Publicly disclosed by CISA as ICSA-26-120-04 on 2026-01-16 and revised on 2026-04-30 when CISA republished the ABB PSIRT advisory; use the published and modified dates in the source for timing context.