ABB Arctic communication solution ARM600 Vulnerabilities

Act Now8.82nga002579Apr 7, 2025

Attack VectorNetwork

Auth RequiredLow

ComplexityLow

User InteractionNone needed

Summary

ABB M2M Gateway ARM600 contains multiple vulnerabilities in firmware versions 4.1.2 through 5.0.3 that could allow a remote attacker with valid credentials to cause denial of service, gain unauthorized access, or execute arbitrary code on the device. The issues stem from multiple flaws including integer overflow, buffer overrun, memory corruption, input validation failures, and improper access controls across the device firmware. The product has reached end-of-life and limited support status; ABB will not issue security patches. The vendor recommends implementing network-level mitigations such as using private cellular APNs and VPN tunnels to isolate the gateway, restricting management access, and monitoring for suspicious activity.

What this means

What could happen

An attacker could gain remote control of the ARM600 gateway, run arbitrary code on it, or stop it entirely, disrupting communication between field devices and the central system in water or utility networks that depend on this wireless connectivity.

Who's at risk

Water authorities, municipal utilities, and industrial facilities using ABB ARM600 M2M wireless gateways to connect remote field devices (meters, sensors, PLCs, RTUs) back to control centers. Any organization relying on Arctic wireless communication for SCADA, meter reading, or distributed sensor networks is affected if they have ARM600 firmware versions 4.1.2 through 5.0.3 in service.

How it could be exploited

An attacker with login credentials to the ARM600 web interface (or valid user account) could send crafted input to trigger multiple memory corruption, injection, or validation flaws in the gateway's firmware. This could allow remote code execution, unauthorized data access, or denial of service. The vulnerability may also be exploitable over the cellular or VPN path if the device is exposed.

Prerequisites

Valid user credentials for ARM600 web interface or remote management access
Network connectivity to the ARM600 (local network, cellular APN, or VPN)
Affected firmware version (4.1.2 through 5.0.3)

No patch available (end-of-life / limited support product)High EPSS score (92.5% - high exploitation likelihood)Remotely exploitable over network or cellular connectionAllows remote code execution and arbitrary controlMultiple underlying flaws (memory corruption, injection, validation bypass)

Exploitability

High exploit probability (EPSS 92.5%)

Affected products (2)

2 EOL

ProductAffected VersionsFix Status

M2M Gateway ARM600, firmware≥ 4.1.2|≤ 5.0.3No fix (EOL)

M2M Gateway SW, software≥ 5.0.1|≤ 5.0.3No fix (EOL)

Remediation & Mitigation

0/5

Do now

0/3

HARDENINGIsolate ARM600 gateways from untrusted networks using a private APN cellular network and secure VPN tunnels rather than public cellular connections

HARDENINGRestrict access to the ARM600 web management interface to authorized engineering workstations only via firewall rules or IP whitelisting

HARDENINGEnforce strong, unique credentials for all ARM600 user accounts and disable default or shared accounts

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HARDENINGMonitor ARM600 logs and network traffic for suspicious access patterns or commands that could indicate exploitation attempts

Mitigations - no patch available

0/1

The following products have reached End of Life with no planned fix: M2M Gateway ARM600, firmware, M2M Gateway SW, software. Apply the following compensating controls:

HARDENINGPlan for replacement or upgrade of ARM600 units to a supported ABB product line that receives security updates

CVEs (42)

View full ABB PSIRT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/33dd285c-2fe6-41c9-ae5f-a71bfda53a57