CVE-2025-6073

Name of the Vulnerable Software and Affected Versions: ABB RMC-100 versions 2105457-043 through 2105457-045 ABB RMC-100 LITE versions 2106229-015 through 2106229-016

Description: A Stack-based Buffer Overflow issue exists when the REST interface is enabled and an attacker gains access to the control network with user/password broker authentication enabled. This allows the attacker to overflow the buffer for username or password.

Recommendations: For ABB RMC-100 versions 2105457-043 through 2105457-045, consider disabling the REST interface until a patch is available. For ABB RMC-100 LITE versions 2106229-015 through 2106229-016, restrict access to the control network to minimize the risk of exploitation. As a temporary workaround, consider disabling user/password broker authentication for both RMC-100 and RMC-100 LITE until a patch is available.