Cyber Posture

CVE-2025-13779

High

Published: 13 March 2026

Published
13 March 2026
Modified
16 March 2026
KEV Added
Patch
CVSS Score 8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
EPSS Score 0.0003 7.6th percentile
Risk Priority 17 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-13779 is a high-severity Missing Authentication for Critical Function (CWE-306) vulnerability in Abb (inferred from references). Its CVSS base score is 8.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210); ranked at the 7.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AC-3 (Access Enforcement).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation of Remote Services (T1210). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

AC-14 Permitted Actions Without Identification or Authentication good match
prevent

AC-14 directly identifies and authorizes only non-critical actions without identification or authentication, preventing exploitation of the missing authentication for critical functions in ABB AWIN gateways.

AC-3 Access Enforcement good match
prevent

AC-3 enforces approved access control policies requiring authentication for critical functions, blocking unauthorized adjacent network access to affected firmware.

SI-2 Flaw Remediation good match
preventrecover

SI-2 ensures timely identification, reporting, and patching of the specific firmware flaw causing missing authentication, as referenced in the ABB advisory.

MITRE ATT&CK Enterprise TechniquesAI

T1210 Exploitation of Remote Services Lateral Movement
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
attack.mitre.org →
Why these techniques?

Missing authentication (CWE-306) on critical functions of a network-accessible gateway device directly enables exploitation of the remote service without credentials.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1.

Deeper analysisAI

CVE-2025-13779 is a missing authentication for critical function vulnerability, classified under CWE-306, affecting ABB AWIN GW100 rev.2 firmware versions 2.0-0 and 2.0-1, as well as ABB AWIN GW120 firmware versions 1.2-0 and 1.2-1. Published on 2026-03-13, it carries a CVSS v3.1 base score of 8.3 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H), indicating high severity due to significant impacts on confidentiality and availability.

An attacker on an adjacent network can exploit this vulnerability with low complexity and no required privileges or user interaction. Exploitation grants high confidentiality and availability impacts, alongside low integrity impact, potentially allowing unauthorized access to critical functions, data exposure, service disruption, and limited modification of system resources.

Mitigation guidance is available in the official ABB security advisory at https://search.abb.com/library/Download.aspx?DocumentID=4JNO000329&LanguageCode=en&DocumentPartId=&Action=Launch. Security practitioners should consult this reference for patching instructions and workarounds specific to the affected devices.

Details

CWE(s)
CWE-306

Affected Products

Abb
inferred from references and description; NVD did not file a CPE for this CVE

CVEs Like This One

CVE-2026-22727Shared CWE-306
CVE-2026-27182Shared CWE-306
CVE-2025-14300Shared CWE-306
CVE-2026-41176Shared CWE-306
CVE-2025-21198Shared CWE-306
CVE-2025-65824Shared CWE-306
CVE-2026-4436Shared CWE-306
CVE-2025-27020Shared CWE-306
CVE-2026-28485Shared CWE-306
CVE-2026-4272Shared CWE-306

References