HomeIntelligenceBrief
VULNERABILITY BRIEF🟡 Medium Vulnerability

Buffer Over‑read in ABB AC500 V2 PLC (CVE‑2025‑7745) Risks Modbus Data Leakage

ABB’s AC500 V2 programmable logic controllers (firmware ≤ 2.5.2) contain a CVE‑2025‑7745 buffer‑over‑read that can expose fragments of historic Modbus telegrams. The flaw is exploitable by any network‑connected attacker and poses a data‑leakage risk for critical‑manufacturing, energy, and water‑utility supply chains.

LiveThreat™ Intelligence · 📅 May 26, 2026· 📰 cisa.gov
🟡
Severity
Medium
VU
Type
Vulnerability
🎯
Confidence
High
🏢
Affected
3 sector(s)
Actions
4 recommended
📰
Source
cisa.gov

Buffer Over‑read in ABB AC500 V2 PLC (CVE‑2025‑7745) Risks Modbus Data Leakage

What It Is – A medium‑severity (CVSS 5.8) buffer‑over‑read vulnerability in the Modbus server of ABB AC500 V2 programmable logic controllers. Sending unsupported Modbus function codes can cause the PLC to append fragments of previous responses to the current reply, exposing historic control‑system telemetry.

Exploitability – No public exploit code has been released, but the vulnerability is trivially exploitable over the network (AV:N, AC:L). An attacker with access to the PLC’s Modbus interface can harvest partial telegram data without authentication.

Affected Products – ABB AC500 V2 firmware ≤ 2.5.2 (all hardware revisions). The issue is patched in firmware 2.5.3 (released 2016) and later.

TPRM Impact

  • Suppliers that embed ABB AC500 V2 PLCs in manufacturing, energy, or water‑treatment equipment may inadvertently expose operational data to adversaries.
  • Data leakage can aid reconnaissance for downstream attacks on critical infrastructure, increasing supply‑chain risk for downstream customers.

Recommended Actions

  • Verify firmware version on all ABB AC500 V2 devices; upgrade to 2.5.3 or newer immediately.
  • Segregate PLC networks from corporate IT and enforce strict firewall rules limiting Modbus traffic to authorized sources.
  • Deploy intrusion‑detection signatures that flag unsupported Modbus function codes and anomalous response sizes.
  • Review vendor advisories and maintain an inventory of legacy PLCs for accelerated patching.

Source: CISA Advisory – ICSA‑26‑146‑02

📰 Original Source
https://www.cisa.gov/news-events/ics-advisories/icsa-26-146-02

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Every gap like this maps to a control you can evidence.

The Verisq AI Trust Operations platform maps incidents to your control framework and collects the evidence continuously — so your Trust Center shows proof, not promises, when a buyer or auditor asks.

Explore the Verisq AI Trust Operations platform →