Authentication Bypass Vulnerability in ABB AWIN Gateway Products
CVE-2025-13777

7.2HIGH

Key Information:

Vendor: Abb
Status: Awin Gw100 Rev.2; Awin Gw120
Vendor: CVE Published:; 13 March 2026

What is CVE-2025-13777?

An authentication bypass vulnerability exists in the ABB AWIN GW100 rev.2 and AWIN GW120 products, allowing attackers to exploit a capture-replay flaw. This issue affects specific firmware versions, enabling unauthorized access to sensitive information and control functions, jeopardizing system security. Users are advised to update their products to mitigate potential risks.

Affected Version(s)

AWIN GW100 rev.2 2.0-0

AWIN GW100 rev.2 2.0-1

AWIN GW120 1.2-0

References

https://search.abb.com/library/Download.aspx?DocumentID=4...

CVSS V4

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 13, 2026
Vulnerability Reserved
Nov 28, 2025

CVE-2025-13777 Data

JSON

Abb

What is CVE-2025-13777?

Affected Version(s)

References

CVSS V4

Timeline