LVS MConfig Insecure memory handling

Plan PatchCVSS 7.44TZ00000006008Oct 8, 2025

ABB

Attack path

Attack VectorLocal

Auth RequiredLow

ComplexityHigh

User InteractionRequired

Summary

ABB MConfig contains an insecure memory handling vulnerability in versions 1.4.9.21 and earlier. An attacker with local network access could exploit this flaw to access the application's sensitive information. The vulnerability is resolved in MConfig version 1.4.9.22.

What this means

What could happen

An attacker with local network access to MConfig could extract sensitive information from application memory, potentially exposing credentials, process parameters, or other confidential data stored in the system.

Who's at risk

Organizations using ABB MConfig (configuration management software for ABB industrial devices) should prioritize this update. This affects any IT or OT personnel who use MConfig to configure or manage ABB equipment on local networks.

How it could be exploited

An attacker gains local network access to the MConfig application, then exploits insecure memory handling to read sensitive data directly from the application's memory space. This requires the attacker to have local network connectivity and some ability to interact with the MConfig system (e.g., via a compromised workstation on the same network segment).

Prerequisites

Local network access to MConfig system
User interaction or ability to trigger the application to load sensitive data into memory

Low authentication requiredLocal network access neededSensitive data exposureMemory disclosure risk

Exploitability

Unlikely to be exploited — EPSS score 0.0%

Affected products (1)

ProductAffected VersionsFix Status

MConfig≤ 1.4.9.211.4.9.22

Remediation & Mitigation

0/3

Do now

0/1

HARDENINGRestrict local network access to MConfig systems using firewall rules or network segmentation to limit which workstations and devices can reach the system

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpdate MConfig to version 1.4.9.22 or later

HARDENINGReview and implement defensive measures documented in the MConfig product instruction manual, Mitigation factors section

CVEs (1)

CVE-2025-9970

View full ABB PSIRT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/55716216-5306-4a94-b0c0-40cdc857ac54

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.