Machine-generated analysis · WAYSCloud LLM
The advisory states that fragments of previous Modbus responses may be exposed due to a buffer over-read when unsupported function codes are sent to the AC500 V2 Modbus server.
Context
The affected product is the ABB AC500 V2, a programmable logic controller used in industrial automation. The advisory describes a buffer over-read vulnerability (CVE-2025-7745) that could allow an attacker to receive fragments of prior Modbus telegrams. The issue occurs when the Modbus server receives unsupported function codes, leading to unintended data exposure in responses. Firmware versions 2.5.3 and earlier are listed as affected, though the vendor states the issue was fixed starting with 2.5.3.
Operator considerations
Check: inventory AC500 V2 PLCs and verify firmware versions.
Patch: upgrade to AC500 V2 firmware version 2.5.3 or later if not already running.
Log: monitor Modbus traffic for unusual function codes being sent to AC500 V2 devices.
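One way to implement the Log step, as an added example that is not from the advisory or from ABB: it parses Modbus/TCP frames and flags requests whose function code is outside an allowlist, together with the illegal-function exception responses they produce. The allowlist contents, the function names and the sample frames are assumptions constructed for illustration.

```python
import struct

# Assumption: function codes this site's Modbus clients legitimately use;
# replace with the set your AC500 V2 application actually serves.
ALLOWED_FUNCTION_CODES = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x0F, 0x10}
ILLEGAL_FUNCTION = 0x01  # Modbus exception code 01, "illegal function"


def parse_adu(frame):
    """Return (transaction_id, unit_id, function_code, data) or None if malformed."""
    if len(frame) < 8:
        return None
    tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    # MBAP length counts the unit id plus the PDU; protocol id is 0 for Modbus.
    if proto != 0 or len(frame) != 6 + length:
        return None
    return tid, unit, frame[7], frame[8:]


def review(frames):
    """frames: iterable of (direction, bytes) with direction 'req' or 'rsp'.
    Returns a list of (direction, transaction_id, reason) alerts."""
    alerts = []
    for direction, frame in frames:
        adu = parse_adu(frame)
        if adu is None:
            alerts.append((direction, None, "malformed ADU"))
            continue
        tid, _unit, fc, data = adu
        if direction == "req" and fc not in ALLOWED_FUNCTION_CODES:
            alerts.append((direction, tid, f"function code 0x{fc:02X} not in allowlist"))
        elif direction == "rsp" and fc & 0x80 and data[:1] == bytes([ILLEGAL_FUNCTION]):
            reason = f"illegal-function exception for 0x{fc & 0x7F:02X}"
            if len(data) > 1:  # spec: exception PDU is function code + 1 byte
                reason += f", {len(data) - 1} byte(s) beyond the exception code"
            alerts.append((direction, tid, reason))
    return alerts


# Constructed sample frames (not captured traffic).
SAMPLE = [
    ("req", bytes.fromhex("0001 0000 0006 01 03 0000 0002")),     # read holding registers
    ("rsp", bytes.fromhex("0001 0000 0007 01 03 04 000a 000b")),  # normal reply
    ("req", bytes.fromhex("0002 0000 0002 01 41")),               # code outside allowlist
    ("rsp", bytes.fromhex("0002 0000 0003 01 c1 01")),            # exception 01 reply
    ("req", bytes.fromhex("0003 00")),                            # truncated frame
]

if __name__ == "__main__":
    for alert in review(SAMPLE):
        print(alert)
```

Feed it frames reassembled from a TCP port 502 capture or a network sensor, and route the alerts to the same place as other PLC network events.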
ABB became aware of vulnerabilities in AC500 V2 listed as affected in the advisory. An attacker who successfully exploited this vulnerability could access fragments of Modbus telegrams that have been sent earlier by that PLC.
The following versions of ABB AC500 V2 are affected:
AC500 V2