CVE-2025-3756
Received Received - Intake
Denial of Service in IEC 61850 Stack Affecting ABB Modules

Publication date: 2026-04-13

Last updated on: 2026-04-13

Assigner: Asea Brown Boveri Ltd. (ABB)

Description
A vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed as affected in this CVE. An attacker with access to IEC 61850 networks could exploit the vulnera bility by using a specially crafted 61850 packet, forcing the communication interfaces of the PM 877, CI850 and CI868 modules into fault mode or causing unavailability of the S+ Operations 61850 connectivity, resulting in a denial-of-service situation.Β  The System 800xA IEC61850 Connect is not affected. Note: This vulnerability does not impact on the overall availability and functionality of the S+ Operations node, only the 61850 communication function. Β  Β  This issue affects AC800M (System 800xA):Β from 6.0.0x through 6.0.0303.0, from 6.1.0x through 6.1.0031.0, from 6.1.1x through 6.1.1004.0, from 6.1.1x through 6.1.1202.0, from 6.2.0x through 6.2.0006.0; Symphony Plus SD Series: A_0, A_1, A_2.003, A_3.005, A_4.001, B_0.005; Symphony Plus MR (Melody Rack): from 3.10 through 3.52; S+ Operations: 2.1, 2.2, 2.3, 3.3.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-13
Last Modified
2026-04-13
Generated
2026-05-06
AI Q&A
2026-04-13
EPSS Evaluated
2026-05-05
NVD
CVE-2025-3756
EUVD
EUVD-2025-209425
Affected Vendors & Products
Showing 8 associated CPEs
Vendor Product Version / Range
abb ac800m From 6.0.0 (inc) to 6.0.0303.0 (inc)
abb ac800m From 6.1.0 (inc) to 6.1.0031.0 (inc)
abb ac800m From 6.1.1 (inc) to 6.1.1004.0 (inc)
abb ac800m From 6.1.1 (inc) to 6.1.1202.0 (inc)
abb ac800m From 6.2.0 (inc) to 6.2.0006.0 (inc)
abb symphony_plus_sd_series From A_0 (inc) to A_4.001 (inc)
abb symphony_plus_mr From 3.10 (inc) to 3.52 (inc)
abb s_plus_operations From 2.1 (inc) to 3.3 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1284 The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the command handling of the IEC 61850 communication stack used in certain ABB product revisions. An attacker with access to IEC 61850 networks can exploit it by sending a specially crafted 61850 packet.

Exploitation forces the communication interfaces of the PM 877, CI850, and CI868 modules into fault mode or causes unavailability of the S+ Operations 61850 connectivity, resulting in a denial-of-service (DoS) condition.

Importantly, this vulnerability affects only the 61850 communication function and does not impact the overall availability and functionality of the S+ Operations node.


How can this vulnerability impact me? :

If exploited, this vulnerability can cause denial-of-service by forcing communication interfaces into fault mode or making the IEC 61850 connectivity unavailable.

This means that critical communication between devices using the IEC 61850 protocol could be disrupted, potentially affecting monitoring and control functions that rely on this communication.

However, the overall system functionality and availability of the S+ Operations node remain unaffected.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart