← Back to home
ICSA-26-195-02  ·  Published 2026-07-14  ·  View on CISA ICS-CERT ↗

ABB Ability Edgenius

CVSS 7.8 HIGH

Risk Summary

ABB is aware of public reports of a vulnerability CVE‑2026‑31431 (Copy Fail) in the product versions listed as affected in the advisory. An update is available that resolves a publicly reported vulnerability. CVE‑2026‑31431 (Copy Fail) is a Linux kernel vulnerability that may allow a locally authenticated user or compromised container workload to gain elevated (root) privileges on affected systems. Once root access is obtained, the attacker can effectively gain complete control of the system

CVEs (1)

Remediations

  • The problem is corrected in the following product versions: - Edgenius 3.2.4.1 ABB recommends that customers apply the update at earliest convenience.
  • Mitigating factors describe conditions and circumstances that make an attack that exploits the vulnerability difficult or less likely to succeed. Refer to section General security recommendations for further advise on how to keep your system secure. Recommended mitigation factors - Limit access to ssh or cockpit - By default, no additional lower privilege users are present on Edgenius installations

Affected Vendors

ABB

Affected Products (2)

ABB · >=3.2.0.0|<3.2.4.1 >=3.2.0.0|<3.2.4.1
ABB · 3.2.4.1 3.2.4.1

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more