Code Injection Vulnerability in ABB ASPECT Product
CVE-2025-53187
What is CVE-2025-53187?
CVE-2025-53187 is a code injection vulnerability identified in the ABB ASPECT product, which is utilized for industrial automation and control systems. This vulnerability arises from an improper control in the generation of code, potentially allowing an attacker to execute arbitrary code within the application. Such exploitation could have severe consequences for organizations utilizing the ABB ASPECT product, including unauthorized access, manipulation of critical control processes, and disruption of operations. The affected versions are those prior to 3.08.04-s01, highlighting the necessity for organizations to maintain current software updates to mitigate vulnerability risks.
Potential impact of CVE-2025-53187
-
Unauthorized Code Execution: Exploiting this vulnerability allows attackers to inject malicious code, potentially leading to complete control over affected systems. This could enable unauthorized actions within industrial control processes, endangering safety and operational integrity.
-
Disruption of Industrial Operations: By gaining control over the ASPECT systems, attackers could manipulate or disrupt automated processes, resulting in downtime, impaired production efficiency, and significant operational losses.
-
Data Breaches and Security Concerns: The ability to execute arbitrary code may also allow attackers to access sensitive information or override security mechanisms, raising the risk of data breaches and further exploitation of the organization's IT infrastructure.
Affected Version(s)
ASPECT 0
References
CVSS V4
Timeline
Vulnerability published
Vulnerability Reserved