7PAA020125
This vulnerability was privately reported relating to ABB’s implementation of the IEC 61850 communication stack for MMS client applications used in some Automation control system products. Note: IEC 61850 communication typically supports MMS and GOOSE protocols. Some ABB products support both, others only MMS (e.g. S+ Operations and PM 877). In any case, GOOSE communication is not impacted by this reported vulnerability. If an attacker gains access to a site’s IEC 61850 network, then exploiting this vulnerability will result in a device fault (PM 877, CI850 and CI868 modules) and will require a manual restart. If this attack is directed at a S+ Operations node running IEC 61850 connectivity, this will result in a crash in the IEC 61850 communication driver which, if continued a repeating basis, will also result in a denial-of-service situation. Note that this does not have an impact on the overall availability and functionality of the S+ Operations node, only the IEC 61850 communication function. The System 800xA IEC61850 Connect is not affected.
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ABB Firmware B_0.005 | ||
| ABB Firmware <=6.1.1202.0 (AC800M version 6.1.1-2) | ||
| ABB S+ Operations using IEC 61850 connectivity | ||
| ABB Firmware <=6.1.1004.0 AC800M version 6.1.1-0 and 6.1.1-1) | ||
| ABB Firmware <=6.2.0006.0 (AC800M version 6.2.0-0) | ||
| ABB Firmware A_1 | ||
| ABB Symphony Plus MR (Melody Rack) PM 877 for IEC 61850 communication | ||
| ABB Firmware A_2.003 | ||
| ABB Firmware 6.1.1-3 planned for Q2 2027 | ||
| ABB Firmware A_0 | ||
| ABB Firmware 7.0 released in Dec 2025 | ||
| ABB Firmware <=6.0.0303.0 (AC800M version 6.0.0-x) | ||
| ABB Symphony Plus SD Series CI850 for IEC 61850 communication | ||
| ABB Firmware <=1.0031.0 (AC800M version 6.1.0-x) | ||
| ABB Firmware A_3.005 | ||
| ABB Firmware A_4.001 | ||
| ABB AC800M Product line (System 800xA) CI868 for IEC 61850 communication | ||
| ABB Firmware >=3.10|<=3.52 | ||
| ABB Firmware 3.53 (planned Q1 2026) | ||
| ABB Firmware C_0 planned Q2 2026 |
Exploit Intelligence
- https://search.abb.com/library/Download.aspx?DocumentID=7PAA020125&LanguageCode=en&DocumentPartId=&Action=Launch (circl)
- https://psirt.abb.com/csaf/2026/7paa020125.json (circl)
- https://search.abb.com/library/Download.aspx?DocumentID=2VAA003700&LanguageCode=en&DocumentPartId=&Action=Launch (circl)
- https://search.abb.com/library/Download.aspx?DocumentID=8VZZ001882T0002&LanguageCode=en&DocumentPartId=&Action=Launch (circl)
- https://search.abb.com/library/Download.aspx?DocumentID=9ARD171385-611&LanguageCode=en&DocumentPartId=&Action=Launch (circl)
- https://search.abb.com/library/Download.aspx?DocumentID=8VZZ001006T0001&LanguageCode=en&DocumentPartId=&Action=Launch (circl)
- https://search.abb.com/library/Download.aspx?DocumentID=2PAA121027&LanguageCode=en&DocumentPartId=&Action=Launch (circl)
- https://search.abb.com/library/Download.aspx?DocumentID=8VZZ000602T0001&LanguageCode=en&DocumentPartId=&Action=Launch (circl)
- https://search.abb.com/library/Download.aspx?DocumentID=7PAA018617&LanguageCode=en&DocumentPartId=&Action=Launch (circl)
- https://search.abb.com/library/Download.aspx?DocumentID=2PAA122516&LanguageCode=en&DocumentPartId=&Action=Launch (circl)
…and 1 more exploits
Timeline
- Apr 13, 2026 CVE Published
References
- https://search.abb.com/library/Download.aspx?DocumentID=7PAA020125&LanguageCode=en&DocumentPartId=&Action=Launch advisory
- https://psirt.abb.com/csaf/2026/7paa020125.json advisory
- https://search.abb.com/library/Download.aspx?DocumentID=2VAA003700&LanguageCode=en&DocumentPartId=&Action=Launch url
- https://search.abb.com/library/Download.aspx?DocumentID=8VZZ001882T0002&LanguageCode=en&DocumentPartId=&Action=Launch url
- https://search.abb.com/library/Download.aspx?DocumentID=9ARD171385-611&LanguageCode=en&DocumentPartId=&Action=Launch url
- https://search.abb.com/library/Download.aspx?DocumentID=8VZZ001006T0001&LanguageCode=en&DocumentPartId=&Action=Launch url
- https://search.abb.com/library/Download.aspx?DocumentID=2PAA121027&LanguageCode=en&DocumentPartId=&Action=Launch url
- https://search.abb.com/library/Download.aspx?DocumentID=8VZZ000602T0001&LanguageCode=en&DocumentPartId=&Action=Launch url
- https://search.abb.com/library/Download.aspx?DocumentID=7PAA018617&LanguageCode=en&DocumentPartId=&Action=Launch url
- https://search.abb.com/library/Download.aspx?DocumentID=2PAA122516&LanguageCode=en&DocumentPartId=&Action=Launch url
- https://search.abb.com/library/Download.aspx?DocumentID=8VZZ000368D0066&LanguageCode=en&DocumentPartId=&Action=Launch url