← Back to home
ICSA-26-139-01  ·  Published 2026-05-19  ·  View on CISA ICS-CERT ↗

ABB CoreSense HM and CoreSense M10

CVSS 7.1 HIGH

Risk Summary

An update is available that resolves vulnerability in the product versions listed as affected in this advisory. A path traversal vulnerability in these products can allow unauthenticated users to gain access to restricted directories. Exploiting this vulnerability can lead to complete system compromise and exposure of sensitive information.

CVEs (1)

Remediations

  • The vulnerabilities are corrected in the following version: CoreSense™ HM v2.3.4 & CoreSense™ M10 v1.4.1.31 ABB recommends that customers apply the update at the earliest convenience.

Affected Vendors

ABB

Affected Products (4)

ABB · <=2.3.1 <=2.3.1
ABB · 2.3.4 2.3.4
ABB · <=1.4.1.12 <=1.4.1.12
ABB · 1.4.1.31 1.4.1.31

Affected Sectors

Food and Agriculture, Commercial Facilities, Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more