PT-2025-27816 · Abb · Abb Rmc-100+1

Published: 2025-07-03 · Updated: 2025-07-04 · CVE-2025-6072

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions: ABB RMC-100 versions 2105457-043 through 2105457-045; ABB RMC-100 LITE versions 2106229-015 through 2106229-016
Description: The issue is a stack-based buffer overflow. When the REST interface is enabled and an attacker gains access to the control network, the attacker can use the JSON configuration to overflow the expiration date field.
Recommendations: For ABB RMC-100 versions 2105457-043 through 2105457-045, consider disabling the REST interface until a patch is available. For ABB RMC-100 LITE versions 2106229-015 through 2106229-016, consider disabling the REST interface until a patch is available. As a temporary workaround, consider restricting access to the JSON configuration to minimize the risk of exploitation.

Weakness Enumeration: Stack Overflow

Related Identifiers

BDU:2025-08252
CVE-2025-6072

Affected Products

Abb Rmc-100
Abb Rmc-100 Lite