CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability

Plan: Patch
CVSS: 7.1
Reference: 3KXG200000R4801
Date: Apr 16, 2025
ABB
Attack path
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

A path traversal vulnerability in CoreSense HM (versions up to 2.3.1) and CoreSense M10 (versions up to 1.4.1.12) allows unauthenticated users with local access to read restricted system files and directories. An attacker could gain unauthorized access to sensitive data, system information, or configuration files, potentially leading to complete system compromise. ABB has released patches for both products.

What this means
What could happen
An attacker on the local machine could read or access any file on the CoreSense HM or M10 device, potentially exposing sensitive system data, configurations, or credentials without needing to log in. This could allow compromise of control settings or other critical operational information.
Who's at risk
Water and electric utilities using ABB CoreSense HM (energy management platform) or CoreSense M10 (modular control) devices. This affects operators and engineers who manage these systems and the facilities depending on their uninterrupted operation.
How it could be exploited
An attacker with local access to the device uses a crafted file path (e.g., ../../../etc/passwd) through the application interface or API to traverse beyond the intended directory and read restricted files. No credentials are needed.
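The kind of path-containment check that closes this bug class, shown beside the insufficient substring check it replaces, plus a detector for traversal attempts in access logs. This is an added example, not ABB's code or anything from this advisory; BASE_DIR and the log lines are constructed.

```python
import posixpath
from urllib.parse import unquote

# Directory the file endpoint is meant to expose. Assumed illustrative path, not ABB's.
BASE_DIR = "/opt/coresense/www"


def naive_is_allowed(requested: str) -> bool:
    """Insufficient check: rejects only a literal '..' substring, so URL-encoded
    forms such as %2e%2e%2f pass here and are decoded later by the file layer."""
    return ".." not in requested


def hardened_resolve(requested: str, base_dir: str = BASE_DIR):
    """Decode, normalise and confine the requested path to base_dir.
    Returns the resolved absolute path, or None if the request escapes base_dir."""
    decoded = unquote(unquote(requested))  # two passes so double encoding is seen too
    if "\x00" in decoded:                  # NUL truncates paths in C file APIs
        return None
    # join() discards base_dir when the request is absolute; normpath collapses '..'.
    candidate = posixpath.normpath(posixpath.join(base_dir, decoded))
    if candidate != base_dir and not candidate.startswith(base_dir + "/"):
        return None
    return candidate


# Constructed access-log lines (not from a real device) in a common-log-like shape.
SAMPLE_LOG = """\
10.0.0.5 - - [16/Apr/2025:10:01:00 +0000] "GET /files?name=report.csv HTTP/1.1" 200
10.0.0.9 - - [16/Apr/2025:10:01:07 +0000] "GET /files?name=../../../etc/passwd HTTP/1.1" 200
10.0.0.9 - - [16/Apr/2025:10:01:09 +0000] "GET /files?name=%2e%2e%2f%2e%2e%2fetc%2fpasswd HTTP/1.1" 200
"""


def find_traversal_attempts(log_text: str):
    """Return (client, request) pairs whose decoded request contains a traversal sequence."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split('"')          # parts[1] is 'METHOD path PROTOCOL'
        if len(parts) < 2:
            continue
        fields = parts[1].split(" ")
        if len(fields) < 2:
            continue
        request = fields[1]
        decoded = unquote(unquote(request))  # decode before matching, as the server would
        if "../" in decoded or "..\\" in decoded:
            hits.append((line.split(" ")[0], request))
    return hits
```

Both functions key on the decoded form: the naive check passes the encoded request in the third log line, while hardened_resolve rejects it and find_traversal_attempts flags it.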
Prerequisites
  • Local access to the device or its management interface
  • No authentication required
  • No authentication required
  • Low complexity
  • Affects sensitive operational data
  • Local access required limits blast radius
Exploitability
Unlikely to be exploited — EPSS score 0.0%
Affected products (2)
2 with fix
Product        | Affected versions | Fixed in
CoreSense™ HM  | <= 2.3.1          | 2.3.4
CoreSense™ M10 | <= 1.4.1.12       | 1.4.1.31
Remediation & Mitigation
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update CoreSense HM to version 2.3.4 or later
HOTFIX: Update CoreSense M10 to version 1.4.1.31 or later
Long-term hardening
HARDENING: Restrict local access to CoreSense devices to authorized personnel only via physical and administrative controls