One-Way Hash with Predictable Salt Issue in ABB FLXEON Products
CVE-2025-10205

8.7HIGH

Key Information:

Vendor: Abb
Status: Flxeon
Vendor: CVE Published:; 17 September 2025

What is CVE-2025-10205?

A vulnerability has been identified in ABB FLXEON, where the implementation of a one-way hash function utilizes a predictable salt. This could allow attackers to exploit the predictable nature of the salt to compromise data integrity. This issue affects versions up to 9.3.5 and newer, potentially exposing sensitive information and enabling unauthorized access. Organizations using ABB FLXEON should take immediate steps to mitigate risks associated with this vulnerability.

Affected Version(s)

FLXEON 0 <= 9.3.5

References

https://search.abb.com/library/Download.aspx?DocumentID=9...

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 17, 2025
Vulnerability Reserved
Sep 10, 2025

Credit

ABB likes to thank Gjoko Krstikj, Zero Science Lab, for reporting the vulnerabilities in responsible disclosure.

JSON

Abb

What is CVE-2025-10205?

Affected Version(s)

References

CVSS V4

Timeline

Credit