CVE-2025-3394 | THREATINT

Description

Incorrect Permission Assignment for Critical Resource vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0.

PUBLISHED Reserved 2025-04-07 | Published 2025-04-30 | Updated 2025-04-30 | Assigner ABB

HIGH: 8.5CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-732 Incorrect Permission Assignment for Critical Resource

Product status

Default status

unaffected

Any version

affected

Credits

ABB acknowledges and extends gratitude to Jiho Shin from Sungkyunkwan University for responsibly disclosing the vulnerability and providing valuable input on product improvements. finder

References

search.abb.com/...guageCode=en&DocumentPartId=&Action=Launch

cve.org (CVE-2025-3394)

nvd.nist.gov (CVE-2025-3394)

Download JSON