PatchSiren cyber security CVE debrief
CVE-2025-4677 ABB CVE debrief
CVE-2025-4677 is a medium-severity availability issue in ABB WebPro SNMP Card PowerValue. The advisory says an idle session timeout is not configured on ports 23 and 502, allowing connections to accumulate until device resources are exhausted and service becomes unavailable.
- Vendor: ABB
- Product: WebPro SNMP Card
- CVSS: MEDIUM 6.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-01-07
- Original CVE updated: 2026-05-12
- Advisory published: 2026-01-07
- Advisory updated: 2026-05-12
Who should care
Operators and maintainers of ABB PowerValue / WebPro SNMP Card devices, especially OT/ICS teams responsible for systems that expose or rely on ports 23 or 502. Network and site reliability teams should also care because the impact is loss of device availability rather than data exposure.
Technical summary
The source advisory describes a missing idle session timeout on ports 23 and 502. Because the device does not destroy idle connections, an attacker from an adjacent network can create many sessions and consume device resources, leading to unavailability. The supplied CVSS vector indicates adjacent-network access, no privileges, no user interaction, and high availability impact, with no confidentiality or integrity impact stated.
Defensive priority
Medium. The CVSS score is 6.5, but the issue can directly affect device availability in an industrial environment, so remediation should be planned promptly and prioritized for devices with meaningful operational exposure.
Recommended defensive actions
- Upgrade ABB WebPro SNMP Card PowerValue to version 1.1.8.p, which the advisory identifies as the corrected release.
- If upgrading is not immediately feasible, apply the mitigation factors and general security recommendations from the product instruction manual.
- Restrict access to ports 23 and 502 to trusted management or control networks only.
- Monitor for unusual growth in active connections or signs of resource exhaustion on affected devices.
- Contact ABB Digital Service Support at [email protected] for guidance and recommended actions.
- Apply CISA ICS recommended practices and defense-in-depth controls appropriate for OT environments.
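The monitoring recommendation above is the one defenders can act on before the upgrade lands, so here is an added example of what "unusual growth in active connections" looks like in practice. This is illustrative code written for this debrief, not ABB's code and not part of the CISA or ABB advisory. It assumes a simple constructed connection-log format (timestamp, open/data/close event, source and destination socket) that you would map from your own firewall, conntrack or NetFlow export, and the thresholds MAX_CONCURRENT and MAX_IDLE_SECONDS are assumed values to tune per device. Ports 23 and 502 are the ones named in the advisory (conventionally Telnet and Modbus/TCP); the script replays the log, keeps the sessions that were never closed, and flags a device when live sessions on a watched port exceed the budget or sit idle longer than a device with a working timeout would tolerate.

```python
"""Flag session accumulation on TCP ports 23 and 502 from connection logs.

Added example for this debrief (not ABB's code, not from the advisory). It
assumes a connection log in a simple constructed format; map your own
firewall, conntrack or NetFlow export onto parse_line() to use it.
"""
from dataclasses import dataclass
from typing import Dict, Iterable, Tuple

WATCHED_PORTS = {23, 502}        # ports named in the advisory
MAX_CONCURRENT = 5               # assumed per-device budget; tune to the device
MAX_IDLE_SECONDS = 600           # assumed idle budget; the affected device has none

# Constructed sample log (not real traffic). Format per line:
#   <epoch> <open|data|close> <src_ip>:<src_port> -> <dst_ip>:<dst_port>
SAMPLE_LOG = """\
1700000000 open 10.0.0.5:40001 -> 192.0.2.10:502
1700000001 open 10.0.0.5:40002 -> 192.0.2.10:502
1700000002 open 10.0.0.5:40003 -> 192.0.2.10:502
1700000003 open 10.0.0.5:40004 -> 192.0.2.10:502
1700000004 open 10.0.0.5:40005 -> 192.0.2.10:502
1700000005 open 10.0.0.5:40006 -> 192.0.2.10:502
1700000006 open 10.0.0.5:40007 -> 192.0.2.10:502
1700000000 open 10.0.0.9:51000 -> 192.0.2.10:23
1700000500 data 10.0.0.9:51000 -> 192.0.2.10:23
1700000600 close 10.0.0.9:51000 -> 192.0.2.10:23
1700000010 open 10.0.0.9:51001 -> 192.0.2.10:80
"""

Key = Tuple[str, int, str, int]  # (dst_ip, dst_port, src_ip, src_port)


@dataclass
class Session:
    opened: int
    last_seen: int


def parse_line(line: str) -> Tuple[int, str, Key]:
    """Parse one log line into (timestamp, event, session key)."""
    ts, event, src, _arrow, dst = line.split()
    src_ip, src_port = src.rsplit(":", 1)
    dst_ip, dst_port = dst.rsplit(":", 1)
    return int(ts), event, (dst_ip, int(dst_port), src_ip, int(src_port))


def replay(lines: Iterable[str]) -> Dict[Key, Session]:
    """Replay open/data/close events and return the sessions still open."""
    live: Dict[Key, Session] = {}
    for raw in lines:
        raw = raw.strip()
        if not raw:
            continue
        ts, event, key = parse_line(raw)
        if event == "open":
            live[key] = Session(opened=ts, last_seen=ts)
        elif event == "data" and key in live:
            live[key].last_seen = ts
        elif event == "close":
            live.pop(key, None)
    return live


def find_accumulation(lines: Iterable[str], now: int) -> Dict[Tuple[str, int], dict]:
    """Per (device, watched port): live session count, idle count and alert flag.

    A device that never times out idle sessions shows up here as a growing
    count of live sessions whose last activity is far in the past.
    """
    per_target: Dict[Tuple[str, int], dict] = {}
    for (dst_ip, dst_port, _src_ip, _src_port), sess in replay(lines).items():
        if dst_port not in WATCHED_PORTS:
            continue
        entry = per_target.setdefault((dst_ip, dst_port), {"live": 0, "idle": 0})
        entry["live"] += 1
        if now - sess.last_seen > MAX_IDLE_SECONDS:
            entry["idle"] += 1
    for entry in per_target.values():
        entry["alert"] = entry["live"] > MAX_CONCURRENT
    return per_target


if __name__ == "__main__":
    # "now" is chosen so the sample's unclosed port-502 sessions are well past the idle budget.
    for target, info in find_accumulation(SAMPLE_LOG.splitlines(), now=1700001000).items():
        flag = "ALERT" if info["alert"] else "ok"
        print(f"{target[0]}:{target[1]} live={info['live']} idle={info['idle']} {flag}")
```

On the constructed sample the Modbus port shows seven never-closed sessions from one source, all idle for over 600 seconds, which is the signature to alert on; the Telnet session closed normally and produces nothing, and port 80 is ignored. The idle count is the more useful signal for this class of bug: a healthy device with a timeout keeps that number near zero, so a steadily rising idle count on a watched port is evidence of accumulation even before the concurrent-session budget is reached.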
Evidence notes
This debrief is based on CISA CSAF advisory ICSA-26-132-06, which republishes ABB PSIRT advisory 2CRT000009. The supplied corpus states that the issue is a missing idle session timeout on ports 23 and 502 and that version 1.1.8.p corrects the problem. Timing uses the CVE publication date of 2026-01-07, with the later CISA republication on 2026-05-12 noted only as advisory history.
Official resources
- CVE-2025-4677 CVE record (CVE.org)
- CVE-2025-4677 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
Publicly disclosed in CISA’s ICS advisory ICSA-26-132-06 on 2026-01-07, with CISA’s republication of ABB PSIRT advisory 2CRT000009 noted on 2026-05-12.