CVE-2025-13777
Published: 13 March 2026
Summary
CVE-2025-13777 is a high-severity Authentication Bypass by Capture-replay (CWE-294) vulnerability in ABB (inferred from references). Its CVSS base score is 7.2 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique External Remote Services (T1133). It is ranked at the 13.4th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SC-23 (Session Authenticity).
Deeper analysis
CVE-2025-13777 is an authentication bypass vulnerability stemming from a capture-replay issue, mapped to CWE-294. It affects ABB AWIN GW100 rev.2 firmware versions 2.0-0 and 2.0-1, as well as ABB AWIN GW120 firmware versions 1.2-0 and 1.2-1. The vulnerability was published on 2026-03-13.
The CVSS v3.1 base score is 8.3 (High), with attack vector AV:A (adjacent network), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), and unchanged scope (S:U), resulting in high confidentiality (C:H) and availability (A:H) impacts, plus low integrity (I:L) impact. An adjacent attacker can capture and replay authentication traffic to bypass controls without prior authentication.
ABB provides mitigation guidance in its security advisory, accessible at https://search.abb.com/library/Download.aspx?DocumentID=4JNO000329&LanguageCode=en&DocumentPartId=&Action=Launch.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-208631
Vulnerability details
Authentication bypass by capture-replay vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120. This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1.
Related Threats
MITRE ATT&CK Enterprise Techniques (AI)
Why these techniques?
Auth bypass via capture-replay on adjacent network gateway directly enables unauthorized access to remote services (T1133) and exploitation of those services for access (T1210).
Mitigating Controls (NIST 800-53 r5) (AI)
SC-23 requires mechanisms to protect communications session authenticity, directly preventing capture-replay attacks on authentication traffic.
IA-5 mandates management of replay-resistant authenticators to prevent unauthorized replay of captured authentication data.
SC-8 enforces confidentiality and integrity protections on transmitted information, hindering capture and replay of authentication traffic.
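The controls above (SC-23 session authenticity, IA-5 replay-resistant authenticators) come down to one property: an authenticator captured on the wire must be worthless when presented a second time. The following is an added illustration, not ABB's AWIN protocol or code from the advisory. It contrasts a constructed static-token scheme, where a captured value verifies again and again (the capture-replay weakness of CWE-294), with a constructed nonce-based challenge-response scheme in which each challenge is single-use and time-limited, so a replayed response is rejected and can be logged. The secret, names and time-to-live are assumptions chosen for the demo.

```python
import hashlib
import hmac
import secrets
import time
from typing import Dict, Tuple

# Constructed demo secret; a real device would provision a per-device key.
SHARED_SECRET = b"constructed-demo-secret"


def static_token(secret: bytes) -> bytes:
    """Replayable pattern (what CWE-294 describes): the authenticator depends
    only on the secret, so the same bytes are sent on every login and anyone
    who captures them on the adjacent network can present them again."""
    return hashlib.sha256(secret).digest()


def static_verify(token: bytes, secret: bytes) -> bool:
    return hmac.compare_digest(token, static_token(secret))


class ChallengeResponseServer:
    """Replay-resistant pattern: the server issues a fresh random nonce per
    login attempt, the client returns HMAC(secret, nonce), and the server
    consumes the nonce on first use and rejects it after a short TTL."""

    def __init__(self, secret: bytes, ttl_seconds: float = 30.0, clock=time.time):
        self._secret = secret
        self._ttl = ttl_seconds
        self._clock = clock           # injectable for deterministic tests
        self._pending: Dict[bytes, float] = {}   # nonce -> issue time
        self._used = set()            # consumed nonces (replay detection)

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._pending[nonce] = self._clock()
        return nonce

    def verify(self, nonce: bytes, response: bytes) -> Tuple[bool, str]:
        # Order matters: detect replay before anything else so it can be logged
        # as a distinct event from an ordinary bad password.
        if nonce in self._used:
            return False, "replay: nonce already consumed"
        issued = self._pending.pop(nonce, None)
        if issued is None:
            return False, "unknown nonce"
        self._used.add(nonce)         # single use, even if this attempt fails
        if self._clock() - issued > self._ttl:
            return False, "expired challenge"
        expected = hmac.new(self._secret, nonce, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, response):
            return False, "bad response"
        return True, "ok"


def client_respond(secret: bytes, nonce: bytes) -> bytes:
    """Client side of the challenge-response: prove knowledge of the secret
    without ever transmitting a value that is valid more than once."""
    return hmac.new(secret, nonce, hashlib.sha256).digest()


def demo() -> Dict[str, object]:
    """Run both schemes against a captured-and-replayed authenticator."""
    results: Dict[str, object] = {}

    # 1. Static token: the captured value is accepted on every replay.
    captured = static_token(SHARED_SECRET)
    results["static_first"] = static_verify(captured, SHARED_SECRET)
    results["static_replay"] = static_verify(captured, SHARED_SECRET)

    # 2. Challenge-response with a controllable clock (constructed timeline).
    now = [1000.0]
    server = ChallengeResponseServer(SHARED_SECRET, ttl_seconds=30, clock=lambda: now[0])

    nonce = server.challenge()
    resp = client_respond(SHARED_SECRET, nonce)
    results["cr_first"] = server.verify(nonce, resp)        # legitimate login
    results["cr_replay"] = server.verify(nonce, resp)       # same pair replayed

    nonce2 = server.challenge()
    results["cr_wrong_key"] = server.verify(nonce2, client_respond(b"wrong", nonce2))

    nonce3 = server.challenge()
    now[0] += 60                                            # past the 30 s TTL
    results["cr_expired"] = server.verify(nonce3, client_respond(SHARED_SECRET, nonce3))
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The "replay" reason string is the detection hook: a count of such rejections from one source address is a far better signal than failed logins, because a legitimate client never resends a consumed nonce. In a long-running service the `_used` set should be pruned of nonces older than the TTL, since those are rejected by the expiry check anyway; binding the nonce into an authenticated transport session (what SC-23 and SC-8 ask for) closes the remaining gap of an attacker who can sit in the middle rather than merely capture.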