Command Handling Vulnerability in IEC 61850 Communication Stack by ABB
CVE-2025-3756

7.1 HIGH

What is CVE-2025-3756?

A vulnerability exists in the command handling of the IEC 61850 communication stack used in ABB's affected products. An attacker with access to IEC 61850 networks could exploit it by sending a specially crafted 61850 packet. This could force the communication interfaces of various modules, including PM 877, CI850, and CI868, into a fault mode, or make the S+ Operations 61850 connectivity unavailable, resulting in a denial-of-service condition. The overall availability and functionality of the S+ Operations node remain unaffected; the impact is limited to the 61850 communication function.

Affected Version(s)

AC800M (System 800xA) 6.0.0x <= 6.0.0303.0

AC800M (System 800xA) 6.1.0x <= 6.1.0031.0

AC800M (System 800xA) 6.1.1x <= 6.1.1004.0

CVSS V4

Score: 7.1
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: High
Attack Vector: Adjacent Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

ABB thanks Hitachi Energy for sharing the information affecting a commonly used software component.