CISA 2026-05-12

ABB AC500 V3 Multiple Vulnerabilities

Machine-generated analysis · WAYSCloud LLM

The advisory notes that exposed visualization files contain only static data, not live process data. The update is available in firmware version 3.9.0.

Context

The ABB AC500 V3 is a programmable logic controller used in industrial automation. The advisory describes vulnerabilities allowing unauthenticated bypass of user management, certificate/key access, and denial-of-service. The advisory explicitly states deployment in chemical, critical manufacturing, energy, and water/wastewater sectors worldwide.

Operator considerations

Check: Inventory all AC500 V3 PLCs running firmware versions prior to 3.9.0
Patch: Upgrade to firmware version 3.9.0 using Automation Builder 2.9.0

From Cybersecurity and Infrastructure Security Agency ↗

ABB became aware of severe vulnerability in the products versions listed as affected in the advisory. An update is available that resolves these vulnerabilities. An attacker who successfully exploited these vulnerabilities could bypass the user management and read visualization files (CVE-2025-2595), read and write certificates and keys (CVE-2025-41659) or cause a denial-of-service (DoS) (CVE-2025-41691).

The following versions of ABB AC500 V3 Multiple Vulnerabilities are affected:

AC500 V3

Read the full advisory on CISA →