Insufficient Session Expiration in ABB Lite Panel Pro
CVE-2025-4407

6.8MEDIUM

Key Information:

Vendor: Abb
Status: Lite Panel Pro
Vendor: CVE Published:; 30 June 2025

What is CVE-2025-4407?

The Insufficient Session Expiration vulnerability in ABB Lite Panel Pro allows attackers to exploit session management flaws. This can lead to unauthorized access if sessions are not properly invalidated after a defined period. Affected versions of the Lite Panel Pro up to 1.0.1 must be reviewed for proper session handling to mitigate risks associated with unauthorized session persistence.

Affected Version(s)

Lite Panel Pro 0 <= 1.0.1

References

https://search.abb.com/library/Download.aspx?DocumentID=9...

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 30, 2025
Vulnerability Reserved
May 7, 2025

Abb

What is CVE-2025-4407?

Affected Version(s)

References

CVSS V4

Timeline