HomeIntelligenceBrief
VULNERABILITY BRIEF🔴 Critical Vulnerability

Multiple Critical RCE, DoS, and DNS‑Poisoning Vulnerabilities in ABB B&R Industrial PCs (CVE‑2023‑45229‑CVE‑2023‑45237) Threaten Manufacturing Operations

ABB B&R has released patches for nine critical CVEs affecting its industrial PC line. The flaws enable remote code execution, denial‑of‑service, DNS cache poisoning, and data exfiltration, posing a serious supply‑chain risk for manufacturers and their downstream partners.

LiveThreat™ Intelligence · 📅 May 22, 2026· 📰 cisa.gov
🔴
Severity
Critical
VU
Type
Vulnerability
🎯
Confidence
High
🏢
Affected
3 sector(s)
Actions
5 recommended
📰
Source
cisa.gov

Multiple Critical RCE, DoS, and DNS‑Poisoning Vulnerabilities in ABB B&R Industrial PCs (CVE‑2023‑45229‑CVE‑2023‑45237) Threaten Manufacturing Operations

What It Is – ABB B&R disclosed a family of nine related CVEs affecting several models of its industrial‑grade PCs (APC4100, APC910, C80, MPC3100, PPC1200, PPC900, APC2200). The flaws allow a remote network attacker to execute arbitrary code, launch denial‑of‑service attacks, poison DNS caches, or exfiltrate sensitive data.

Exploitability – Proof‑of‑concept exploits have been published for the remote‑code‑execution paths; the vulnerabilities are publicly disclosed and patches are now available. CVSS scores for the individual CVEs range from 8.8 to 9.8 (Critical).

Affected Products – ABB B&R PCs: APC4100 < 1.09, APC910 ≤ 1.25, C80 < 1.14, MPC3100 < 1.24, PPC1200 < 1.14, PPC900 < 2.16, APC2200 < 1.35 (all versions listed in the advisory).

TPRM Impact – These devices are often embedded in third‑party manufacturing, energy, and logistics environments. A compromised PLC‑class PC can disrupt production lines, corrupt process data, and provide an entry point to downstream suppliers, amplifying supply‑chain risk.

Recommended Actions

  • Verify inventory of ABB B&R PCs and confirm firmware versions.
  • Apply the ABB‑provided security update immediately to all affected units.
  • Segment industrial networks from corporate IT and enforce strict firewall rules to limit inbound traffic to management interfaces.
  • Conduct a focused vulnerability scan of OT assets and monitor for anomalous network traffic (e.g., unexpected DNS queries).
  • Update third‑party risk assessments to reflect the elevated exposure of vendors relying on these PCs.

Source: CISA Advisory – ICSA‑26‑141‑02

📰 Original Source
https://www.cisa.gov/news-events/ics-advisories/icsa-26-141-02

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Every gap like this maps to a control you can evidence.

The Verisq AI Trust Operations platform maps incidents to your control framework and collects the evidence continuously — so your Trust Center shows proof, not promises, when a buyer or auditor asks.

Explore the Verisq AI Trust Operations platform →