We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-6072

Stack Buffer Overflow in MQTTCore



Description

Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and CVE-2025-6074 is exploited, the attacker can use the JSON configuration to overflow the date of expiration field.This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016.

Reserved 2025-06-13 | Published 2025-07-03 | Updated 2025-07-03 | Assigner ABB


HIGH: 8.2CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-121 Stack-based Buffer Overflow

Product status

Default status
unaffected

2105457-043
affected

Default status
unaffected

2106229-015
affected

Credits

ABB thanks Claroty Team82 Research for helping to identify the vulnerabilities and protecting our customers finder

References

search.abb.com/...geCode=en&DocumentPartId=PDF&Action=Launch

cve.org (CVE-2025-6072)

nvd.nist.gov (CVE-2025-6072)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-6072

Support options

Helpdesk Chat, Email, Knowledgebase