OTPulse
FeedAboutContact

ABB AbilityTM zenon Remote Transport Vulnerability

Monitor7.52nga002743Aug 12, 2025
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

ABB Ability™ zenon contains an authentication bypass vulnerability in the Remote Transport Service. The Reboot OS function can be invoked by unauthenticated remote attackers on the network, forcing an unplanned system reboot. This affects all zenon versions 14 and earlier. Remote exploitation requires network access to the Remote Transport Service port but does not require valid credentials or complex attack steps.

What this means
What could happen
An attacker on your network could force an unplanned reboot of the zenon system without authentication, interrupting data collection, alarming, and control operations until the system restarts and recovers.
Who's at risk
Water utilities and municipal electric utilities running ABB Ability™ zenon for SCADA, HMI, or data collection should care. The vulnerability affects zenon versions 14 and earlier, which may be deployed in control rooms, historian servers, or edge devices managing real-time process data and alarms.
How it could be exploited
An attacker with network access to the Remote Transport Service port on a zenon system can send a request to the Reboot OS function without providing credentials. The service processes the request and triggers a system reboot, causing immediate loss of availability.
Prerequisites
  • Network access to the Remote Transport Service port on the zenon system
  • No authentication required to invoke the Reboot OS function
remotely exploitableno authentication requiredlow complexityaffects availability and reliability of control systemsno patch available
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
AbilityTM zenon≤ 14No fix (EOL)
Remediation & Mitigation
0/4
Do now
0/2
HARDENINGRestrict network access to the Remote Transport Service port using firewall rules to limit connections to trusted engineering and management networks only
WORKAROUNDDisable the Remote Transport Service if it is not required for your operational workflow
Schedule — requires maintenance window
0/2

Patching may require device reboot — plan for process interruption

HARDENINGSegment the zenon system network from untrusted or external networks using air-gapping or VLAN isolation
HARDENINGMonitor network traffic for unexpected connections to the Remote Transport Service port and log all reboot events
View full ABB PSIRT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/caf44f5f-cc5e-4863-8afc-06c99a21649a
ABB AbilityTM zenon Remote Transport Vulnerability | CVSS 7.5 - OTPulse