ICSA-25-310-03
·
Published 2025-11-06
·
View on CISA ICS-CERT ↗
ABB FLXeon Controllers
CVSS 8.8
HIGH
Risk Summary
Successful exploitation of these vulnerabilities could allow an attacker to take remote control of the product, insert and run arbitrary code, and crash the device being accessed.
Remediations
- ABB recommends users do the following actions on any released SW version of FLXeon:
- Stop and disconnect any FLXeon products that are exposed directly to the Internet, either via a direct ISP connection or via NAT port forwarding.
- Ensure that physical controls are in place, so no unauthorized personnel can access your devices, components, peripheral equipment, and networks.
- Ensure that all FLXeon products are upgraded to the latest firmware version. The latest version of FLXeon firmware can be found on the respective product homepage.
- When remote access is required, only use secure methods. If a Virtual Private Network (VPN) is used, ensure that the chosen VPN is secure i.e. updated to the most current version available and configured for secure access.
- For more information refer to ABB's Cybersecurity Advisory 9AKK108471A7121. The ABB advisory includes a detailed mapping of applicable mitigations for each listed vulnerability.
Affected Vendors
ABB
Affected Products (12)
ABB
·
FBXi-8R8-X96 (2CQG201028R1011)
<=9.3.5
ABB
·
FBXi-8R8-H-X96 (2CQG201029R1011)
<=9.3.5
ABB
·
FBXi-X256 (2CQG201014R1021)
<=9.3.5
ABB
·
FBXi-X48 (2CQG201018R1021)
<=9.3.5
ABB
·
FBXi-8R8-X96-S (2CQG201606R1011)
<=9.3.5
ABB
·
FBVi-2U4-4T (2CQG201015R1021 )
<=9.3.5
ABB
·
FBVi-2U4-4T-IMP (2CQG201016R1021)
<=9.3.5
ABB
·
FBVi-2U4-4T-SI
<=9.3.5
ABB
·
FBTi-7T7-1U1R (2CQG201022R1011)
<=9.3.5
ABB
·
FBTi-6T1-1U1R (2CQG201022R1011)
<=9.3.5
ABB
·
CBXi-8R8 (2CQG201001R1021)
<=9.3.5
ABB
·
CBXi-8R8-H (2CQG201001R1021)
<=9.3.5
Affected Sectors
Commercial Facilities
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more