Critical DoS in ABB B&R Automation Runtime System Diagnostics Manager (CVE‑2025‑3450) Threatens Industrial Control Systems
What It Is – A newly disclosed CVE‑2025‑3450 describes an Improper Resource Locking flaw in the System Diagnostics Manager (SDM) component of ABB B&R Automation Runtime. The vulnerability allows an unauthenticated network attacker to delete internal data structures, forcing the runtime to halt.
Exploitability – The flaw is network‑accessible, requires no credentials, and has a CVSS v3.1 base score of 10.0 (Critical). No public exploit code has been released, but CISA’s advisory notes that the vulnerability is actively exploitable in the wild.
Affected Products – ABB B&R Automation Runtime versions < 6.3 and < Q4.93 (all deployments of the SDM component).
TPRM Impact –
- A denial‑of‑service in a PLC/automation runtime can halt production lines, leading to supply‑chain delays for downstream manufacturers.
- Critical‑infrastructure operators (chemical, energy, water, healthcare, etc.) that rely on ABB B&R controllers face operational downtime and potential regulatory penalties.
Recommended Actions –
- Patch immediately – Deploy the ABB‑provided update referenced in the CISA advisory.
- Segment control‑network traffic – Enforce strict VLANs and firewalls to limit external reach to SDM services.
- Monitor for abnormal process termination – Deploy IDS/IPS signatures for the known DoS pattern.
- Validate third‑party contracts – Ensure suppliers using ABB B&R automation have applied the fix and can demonstrate compliance.
- Update incident‑response playbooks – Include this CVE in your OT‑specific run‑books.
Source: CISA Advisory – ICSA‑26‑146‑04