CVE-2025-6071

Name of the Vulnerable Software and Affected Versions: ABB RMC-100 versions 2105457-043 through 2105457-045 ABB RMC-100 LITE versions 2106229-015 through 2106229-016

Description: The issue allows an attacker to gain access to salted information, which can be used to decrypt MQTT information. This is due to the use of a hard-coded cryptographic key.

Recommendations: For ABB RMC-100 versions 2105457-043 through 2105457-045, update to a version that does not use a hard-coded cryptographic key. For ABB RMC-100 LITE versions 2106229-015 through 2106229-016, update to a version that does not use a hard-coded cryptographic key. As a temporary workaround, consider restricting access to the MQTT information until a patch is available.