ICSA-25-093-03
·
Published 2025-03-26
·
View on CISA ICS-CERT ↗
ABB ACS880 Drives Containing CODESYS RTS
CVSS 8.8
HIGH
CVEs (15)
Remediations
- In latest firmware versions for the affected products, ABB has mitigated the CODESYS Runtime System vulnerabilities. IEC online programming communication is disabled by default. As a result, CODESYS tools communication with the drive is disabled. ABB recommends that customers apply the firmware update at earliest convenience. For situations where firmware update is not feasible, please refer to ‘Workarounds’ section guidance
- For situations where firmware update is not feasible, please refer to ‘Workarounds’ section guidance
Affected Vendors
ABB
Affected Products (16)
ABB
·
ACS880 Primary Control Program
<AINLX_v3.47
ABB
·
ACS880 Primary Control Program
<YINLX_v1.30
ABB
·
ACS880 Primary Control Program
>=AINLX_v3.47
ABB
·
ACS880 Primary Control Program
>=YINLX_v1.30
ABB
·
ACS880 IGBT Supply Control Program
<AISLX_v3.43
ABB
·
ACS880 IGBT Supply Control Program
<ALHLX_v3.43
ABB
·
ACS880 IGBT Supply Control Program
<YISLX_v1.30
ABB
·
ACS880 IGBT Supply Control Program
<YLHLX_v1.30
ABB
·
ACS880 IGBT Supply Control Program
>=AISLX_v3.43
ABB
·
ACS880 IGBT Supply Control Program
>=ALHLX_v3.43
ABB
·
ACS880 IGBT Supply Control Program
>=YISLX_v1.30
ABB
·
ACS880 IGBT Supply Control Program
>=YLHLX_v1.30
ABB
·
ACS880 Position Control Program
<=APCLX_v1.04.0.5
ABB
·
ACS880 Position Control Program
>APCLX_v1.04.0.5
ABB
·
ACS880 Test Bench Control Program
<=ATBLX_v3.44.0.0
ABB
·
ACS880 Test Bench Control Program
>ATBLX_v3.44.0.0
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more