ABB Edgenius Management Portal

🗓️ 20 Nov 2025 00:30:00Reported by Industrial Control Systems Cyber Emergency Response TeamType

ics

ics🔗 www.cisa.gov

Critical Edgenius vulnerability 3.2.0.0–3.2.1.1 allows unauthenticated remote attackers to install and run code, uninstall apps, and modify configurations.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-10571	20 Nov 202519:36	–	circl
CNNVD	ABB Ability Edgenius 安全漏洞	20 Nov 202500:00	–	cnnvd
CVE	CVE-2025-10571	20 Nov 202518:06	–	cve
Cvelist	CVE-2025-10571 ABB Ability Edgenius Authentication Bypass	20 Nov 202518:06	–	cvelist
EUVD	EUVD-2025-198348	20 Nov 202521:30	–	euvd
NVD	CVE-2025-10571	20 Nov 202519:16	–	nvd
Positive Technologies	PT-2025-47610	20 Nov 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-10571	26 Nov 202516:56	–	redhatcve
Vulnrichment	CVE-2025-10571 ABB Ability Edgenius Authentication Bypass	20 Nov 202518:06	–	vulnrichment

Source	Link
psirt	www.psirt.abb.com/csaf/2025/7paa022088.json
search	www.search.abb.com/library/Download.aspx
library	www.library.abb.com/d/7PAA022086
raw	www.raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2026/icsa-26-120-03.json
cisa	www.cisa.gov/news-events/ics-advisories/icsa-26-120-03
cisa	www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01
cisa	www.cisa.gov/resources-tools/resources/ics-recommended-practices
cisa	www.cisa.gov/topics/industrial-control-systems
cisa	www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf
cisa	www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf

20 Nov 2025 00:30Current

6.2Medium risk

Vulners AI Score6.2

CVSS 49.4

CVSS 3.19.6

EPSS0.00034

SSVC

Edgenius vulnerability Unauthenticated access Remote exploitation Install code Run code Uninstall applications Modify configurations