PatchSiren cyber security CVE debrief
CVE-2025-4675 ABB CVE debrief
CVE-2025-4675 is an availability issue in ABB WebPro SNMP Card PowerValue products where the Modbus slave implementation is incorrect. According to the advisory, port 502 can become unstable and the Modbus service may become unavailable until the device is manually rebooted. ABB identifies version 1.1.8.p as the corrected release and recommends defensive measures from the product documentation when upgrading is not immediately feasible.
- Vendor: ABB
- Product: WebPro SNMP Card
- CVSS: MEDIUM 6.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-01-07
- Original CVE updated: 2026-05-12
- Advisory published: 2026-01-07
- Advisory updated: 2026-05-12
Who should care
Operators and maintainers of ABB WebPro SNMP Card PowerValue deployments, especially industrial control and building automation teams that rely on Modbus service availability on TCP port 502. OT network defenders should also care because the impact is service interruption rather than data exposure.
Technical summary
The source advisory states that the Modbus (slave) protocol was implemented incorrectly in the device. The resulting failure mode is instability on port 502 and loss of Modbus service availability until manual reboot. The supplied CVSS vector indicates an adjacent-network attack surface (AV:A), low attack complexity, no privileges or user interaction required, and a high availability impact with no confidentiality or integrity impact (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
Defensive priority
Medium
Recommended defensive actions
- Upgrade affected WebPro SNMP Card PowerValue devices to version 1.1.8.p, which ABB lists as the corrected version.
- If immediate upgrade is not feasible, apply the mitigating factors and general security recommendations referenced in the ABB advisory and product manual.
- Limit access to Modbus TCP port 502 to trusted management networks and segment OT devices from broader enterprise networks.
- Monitor affected devices for Modbus service instability and maintain a plan for safe recovery/reboot if the service becomes unavailable.
- Contact ABB Digital Service Support for vendor guidance on affected deployments and remediation options.
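For the monitoring action above, a health probe can tell a Modbus service that no longer answers apart from a host that is simply unreachable. The following is an added example, not code from ABB or the advisory; the unit ID 1, register address 0, the choice of function 0x03 and the status names are assumptions made for illustration.

```python
import socket
import struct

MODBUS_PORT = 502  # Modbus TCP port named in the advisory

def build_read_request(txn_id, unit_id=1, address=0, count=1):
    """MBAP header + PDU for Read Holding Registers (function 0x03)."""
    pdu = struct.pack(">BHH", 0x03, address, count)
    # MBAP: transaction id, protocol id (always 0), length (unit id + PDU), unit id
    return struct.pack(">HHHB", txn_id, 0, len(pdu) + 1, unit_id) + pdu

def classify_response(txn_id, data):
    """Return 'healthy', 'exception' or 'malformed' for one reply frame."""
    if len(data) < 9:  # 7-byte MBAP header + at least a 2-byte PDU
        return "malformed"
    rx_txn, proto, length, _unit = struct.unpack(">HHHB", data[:7])
    if rx_txn != txn_id or proto != 0 or length != len(data) - 6:
        return "malformed"
    function = data[7]
    if function == 0x83:  # 0x03 | 0x80: exception reply, the service still answers
        return "exception"
    if function == 0x03 and data[8] == len(data) - 9:  # byte count matches payload
        return "healthy"
    return "malformed"

def probe(host, txn_id=1, timeout=3.0, port=MODBUS_PORT):
    """Return 'unreachable', 'no_reply', or a classify_response() result."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(build_read_request(txn_id))
            try:
                data = s.recv(260)  # 260 bytes is the largest Modbus TCP frame
            except socket.timeout:
                return "no_reply"  # TCP connected but the service stayed silent
    except OSError:
        return "unreachable"  # refused, reset or timed out while connecting
    return classify_response(txn_id, data) if data else "no_reply"
```

A result of `no_reply` or `malformed` from a device that still responds on its other management interfaces is the signal to start the recovery plan; `exception` only means the assumed register is not mapped.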
Evidence notes
All statements are derived from the supplied CISA CSAF source item and its referenced ABB/CISA advisory links. The advisory title identifies the affected product family as ABB WebPro SNMP Card PowerValue, and the remediated version is listed as 1.1.8.p. The source description explicitly says the Modbus service can become unavailable until manual reboot. CVSS details supplied with the source support availability-only impact and adjacent-network exposure. No exploit details or unsupported impact claims are included.
Official resources
- CVE-2025-4675 CVE record (CVE.org)
- CVE-2025-4675 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
CVE-2025-4675 was published on 2026-01-07 and the supplied CISA source was modified on 2026-05-12, which the source history describes as a republication of ABB PSIRT advisory 2CRT000009. Use the published date for issue timing; the later C2