Cross-Site Scripting Flaw in ABB T-MAC Plus
CVE-2025-14773

7.2HIGH

Key Information:

Vendor: Abb
Status: T-mac Plus
Vendor: CVE Published:; 3 June 2026

What is CVE-2025-14773?

A cross-site scripting vulnerability exists in ABB's T-MAC Plus, due to improper handling of input during web page generation. This flaw could allow an attacker to inject malicious scripts into web pages viewed by users, potentially leading to unauthorized access or data theft. Users of affected versions should prioritize updating their systems to mitigate the risks associated with this vulnerability.

Affected Version(s)

T-MAC Plus 4.0-24

References

https://search.abb.com/library/Download.aspx?DocumentID=9...

CVSS V4

Score:

7.2

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 3, 2026
Vulnerability Reserved
Dec 16, 2025

CVE-2025-14773 Data

JSON

Abb

What is CVE-2025-14773?

Affected Version(s)

References

CVSS V4

Timeline