Path Traversal (CVE‑2025‑3465) in ABB CoreSense HM & CoreSense M10 Enables Full System Compromise
What It Is – A newly disclosed path‑traversal flaw (CVE‑2025‑3465) affects ABB CoreSense HM (≤ 2.3.1, 2.3.4) and CoreSense M10 (≤ 1.4.1.12, 1.4.1.31). The vulnerability allows an unauthenticated attacker to read or write files outside the intended directory tree, potentially leading to complete device takeover and exposure of operational data.
Exploitability – The flaw is publicly disclosed and a vendor‑provided patch is available. No public exploit code has been observed, but the CVSS v3 base score of 7.1 (High) indicates a realistic risk of exploitation in the wild.
Affected Products – ABB CoreSense HM and CoreSense M10 industrial controllers used in food & agriculture, commercial facilities, and critical manufacturing environments worldwide.
TPRM Impact – These controllers are often embedded in third‑party supply‑chain equipment. A compromise can cascade to downstream partners, disrupt production lines, and leak proprietary process data, raising both operational and reputational risk for organizations that rely on ABB‑powered automation.
Recommended Actions –
- Verify firmware version on all ABB CoreSense HM/M10 devices.
- Apply the CISA‑referenced remediation patch immediately.
- Conduct a network‑segmentation review to isolate industrial controllers from unauthenticated traffic.
- Perform a file‑system integrity scan on any device that may have been exposed before patching.
- Update third‑party risk registers to reflect the new vulnerability and track remediation status.
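As an added example (not from the advisory or from ABB), a small inventory check for the first recommended action: it compares reported firmware strings against the affected ranges quoted above and labels each device for the third-party risk register. The product names come from the summary; the device ids, the inventory format and the reading of the "≤ X, Y" version notation are assumptions.

```python
from typing import Dict, List, Tuple

Version = Tuple[int, ...]

def parse_version(text: str) -> Version:
    """Turn '1.4.1.12' into (1, 4, 1, 12); reject anything non-numeric."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"malformed version string: {text!r}")
    return tuple(int(p) for p in parts)

# Affected ranges as quoted in the summary: every release up to and including
# the first value, plus the single later release named after it. Reading the
# "<= X, Y" notation this way is an assumption; confirm against the advisory.
AFFECTED: Dict[str, Tuple[Version, List[Version]]] = {
    "CoreSense HM": (parse_version("2.3.1"), [parse_version("2.3.4")]),
    "CoreSense M10": (parse_version("1.4.1.12"), [parse_version("1.4.1.31")]),
}

def is_affected(product: str, version: str) -> bool:
    """True when the firmware version falls inside an affected range."""
    if product not in AFFECTED:
        raise KeyError(f"unknown product {product!r}")
    ceiling, extra = AFFECTED[product]
    v = parse_version(version)
    # Tuple comparison is element-wise, so 1.4.1 < 1.4.1.12 < 1.4.2 as expected.
    return v <= ceiling or v in extra

def triage(inventory: List[Dict[str, str]]) -> Dict[str, str]:
    """Label each inventory record with a remediation status for the risk register."""
    result: Dict[str, str] = {}
    for dev in inventory:
        dev_id = dev.get("id", "?")
        try:
            hit = is_affected(dev["product"], dev["firmware"])
        except (KeyError, ValueError) as exc:
            result[dev_id] = f"REVIEW: {exc}"  # unknown product or unparseable version
            continue
        result[dev_id] = "AFFECTED: apply vendor patch" if hit else "not affected"
    return result

# Constructed sample inventory (hypothetical device ids, not real assets).
SAMPLE_INVENTORY = [
    {"id": "hm-line1", "product": "CoreSense HM", "firmware": "2.3.1"},
    {"id": "hm-line2", "product": "CoreSense HM", "firmware": "2.3.5"},
    {"id": "m10-silo", "product": "CoreSense M10", "firmware": "1.4.1.31"},
    {"id": "m10-pack", "product": "CoreSense M10", "firmware": "1.4.2"},
    {"id": "bad-fw", "product": "CoreSense M10", "firmware": "1.4.x"},
]
```

Devices flagged "AFFECTED" map to the patch and integrity-scan steps above; "REVIEW" entries need a manual version check before they can be closed in the register.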
Source: CISA Advisory – ICSA‑26‑139‑01