CVE-2025-3756
Deferred Deferred - Pending Action
Denial of Service in IEC 61850 Stack Affecting ABB Modules

Publication date: 2026-04-13

Last updated on: 2026-05-19

Assigner: Asea Brown Boveri Ltd. (ABB)

Description
A vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed as affected in this CVE. An attacker with access to IEC 61850 networks could exploit the vulnera bility by using a specially crafted 61850 packet, forcing the communication interfaces of the PM 877, CI850 and CI868 modules into fault mode or causing unavailability of the S+ Operations 61850 connectivity, resulting in a denial-of-service situation.Β  The System 800xA IEC61850 Connect is not affected. Note: This vulnerability does not impact on the overall availability and functionality of the S+ Operations node, only the 61850 communication function. Β  Β  This issue affects AC800M (System 800xA):Β from 6.0.0x through 6.0.0303.0, from 6.1.0x through 6.1.0031.0, from 6.1.1x through 6.1.1004.0, from 6.1.1x through 6.1.1202.0, from 6.2.0x through 6.2.0006.0; Symphony Plus SD Series: A_0, A_1, A_2.003, A_3.005, A_4.001, B_0.005; Symphony Plus MR (Melody Rack): from 3.10 through 3.52; S+ Operations: 2.1, 2.2, 2.3, 3.3.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-13
Last Modified
2026-05-19
Generated
2026-06-16
AI Q&A
2026-04-13
EPSS Evaluated
2026-06-14
NVD
CVE-2025-3756
EUVD
EUVD-2025-209425
Affected Vendors & Products
Showing 8 associated CPEs
Vendor Product Version / Range
abb ac800m From 6.0.0 (inc) to 6.0.0303.0 (inc)
abb ac800m From 6.1.0 (inc) to 6.1.0031.0 (inc)
abb ac800m From 6.1.1 (inc) to 6.1.1004.0 (inc)
abb ac800m From 6.1.1 (inc) to 6.1.1202.0 (inc)
abb ac800m From 6.2.0 (inc) to 6.2.0006.0 (inc)
abb symphony_plus_sd_series From A_0 (inc) to A_4.001 (inc)
abb symphony_plus_mr From 3.10 (inc) to 3.52 (inc)
abb s_plus_operations From 2.1 (inc) to 3.3 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1284 The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the command handling of the IEC 61850 communication stack used in certain ABB product revisions. An attacker with access to IEC 61850 networks can exploit it by sending a specially crafted 61850 packet.

Exploitation forces the communication interfaces of the PM 877, CI850, and CI868 modules into fault mode or causes unavailability of the S+ Operations 61850 connectivity, resulting in a denial-of-service (DoS) condition.

Importantly, this vulnerability affects only the 61850 communication function and does not impact the overall availability and functionality of the S+ Operations node.

Impact Analysis

If exploited, this vulnerability can cause denial-of-service by forcing communication interfaces into fault mode or making the IEC 61850 connectivity unavailable.

This means that critical communication between devices using the IEC 61850 protocol could be disrupted, potentially affecting monitoring and control functions that rely on this communication.

However, the overall system functionality and availability of the S+ Operations node remain unaffected.

Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-3756. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart