Missing Authentication Vulnerability in ABB AWIN GW100 and AWIN GW120 Products
CVE-2025-13779

7.2HIGH

Key Information:

Vendor: Abb
Status: Awin Gw100 Rev.2; Awin Gw120
Vendor: CVE Published:; 13 March 2026

What is CVE-2025-13779?

The vulnerability in ABB AWIN GW100 and AWIN GW120 products arises from missing authentication in critical functions, potentially allowing unauthorized access. This impacts various firmware versions, creating security vulnerabilities that may be exploited if left unaddressed. Users of these devices should review their security configurations and apply recommended patches to mitigate risks associated with unauthorized access.

Affected Version(s)

AWIN GW100 rev.2 2.0-0

AWIN GW100 rev.2 2.0-1

AWIN GW120 1.2-0

References

https://search.abb.com/library/Download.aspx?DocumentID=4...

CVSS V4

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 13, 2026
Vulnerability Reserved
Nov 28, 2025

CVE-2025-13779 Data

JSON

Abb

What is CVE-2025-13779?

Affected Version(s)

References

CVSS V4

Timeline