CVE-2025-6073
BaseFortify
Publication date: 2025-07-03
Last updated on: 2025-07-08
Assigner: Asea Brown Boveri Ltd. (ABB)
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a stack-based buffer overflow in ABB RMC-100 and ABB RMC-100 LITE devices. It occurs when the REST interface is enabled, user/password broker authentication is active, and an attacker who has access to the control network exploits another vulnerability (CVE-2025-6074). The attacker can then overflow the buffer for the username or password fields, potentially causing unexpected behavior or allowing further exploitation.
How can this vulnerability impact me? :
The vulnerability can lead to a stack-based buffer overflow, which may cause the device to crash or allow an attacker to execute arbitrary code. This can result in denial of service or unauthorized control over the affected ABB RMC-100 or RMC-100 LITE devices, impacting the security and availability of the control network.