CISA 2026-05-26

ABB LVS MConfig

CVE-2025-9970

Machine-generated analysis · WAYSCloud LLM

The advisory states that sensitive information, including passwords, may be stored in cleartext in memory during runtime and exposed via memory dump files.

Context

ABB LVS MConfig is a software application used in industrial environments. The advisory identifies a vulnerability where passwords stored in plain text in memory can be extracted from memory dump files if an attacker gains access to the local network. The vulnerability is rated CVSS 7.4 (HIGH) with low attack complexity and requires local network access. ABB reports the issue is resolved in version 1.4.9.22.

Operator considerations

Check: Inventory ABB LVS MConfig instances for versions earlier than 1.4.9.22
Patch: Upgrade to MConfig version 1.4.9.22 or later as the vendor has fixed the vulnerability
Log: Monitor for unauthorized memory dump file creation or access on systems running MConfig

From Cybersecurity and Infrastructure Security Agency ↗

ABB became aware of an internally discovered vulnerability in the MConfig product versions listed as affected in the advisory. An attacker with access to local networks who successfully exploits vulnerability could have access to application’s sensitive information. ABB strongly advises customers to update MConfig with latest software version.

The following versions of ABB LVS MConfig are affected:

LVS

Read the full advisory on CISA →