CVE-2025-7064
Received Received - Intake
Authentication Bypass in ABB Freelance

Publication date: 2026-06-11

Last updated on: 2026-06-11

Assigner: Asea Brown Boveri Ltd. (ABB)

Description
Authentication bypass by primary weakness vulnerability in ABB Freelance. This issue affects Freelance: through 2013, 2013 SP1, 2016, 2016 SP1, 2019, 2019 SP1, 2019 SP1 FP1, 2024.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-11
Last Modified
2026-06-11
Generated
2026-06-11
AI Q&A
2026-06-11
EPSS Evaluated
N/A
NVD
CVE-2025-7064
EUVD
EUVD-2025-210109
Affected Vendors & Products
Showing 8 associated CPEs
Vendor Product Version / Range
abb freelance to 2013 (inc)
abb freelance 2013_sp1
abb freelance 2016
abb freelance 2016_sp1
abb freelance 2019
abb freelance 2019_sp1
abb freelance 2019_sp1_fp1
abb freelance 2024
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-305 The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an authentication bypass caused by a primary weakness in ABB Freelance software. It affects multiple versions of ABB Freelance, including versions through 2013 up to 2024. The flaw allows an attacker with limited privileges to bypass authentication mechanisms.

Impact Analysis

The vulnerability can allow an attacker with limited privileges to bypass authentication controls, potentially gaining unauthorized access to the ABB Freelance system. This could lead to unauthorized actions or access to sensitive operations within the affected software.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-7064. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart