Advant Master Online Builder DLL vulnerability

Monitor | CVSS 4.4 | 7paa020047 | Jun 23, 2026
ABB
Attack path
Attack Vector: Local
Auth Required: Low
Complexity: High
User Interaction: Required
Summary

ABB identified a DLL vulnerability in the Online Builder component shipped with multiple versions of Control Builder A and 800xA for Advant Master. An incorrect version of Online Builder was included in the release media, allowing potential code execution when the application loads a malicious DLL file. The vulnerability requires local system access and user action to exploit. ABB has released patched versions that include the correct Online Builder component.

What this means
What could happen
An attacker with local access to a system could use a malicious DLL file to perform unauthorized actions on the affected ABB control systems, potentially altering configurations or disrupting operations.
Who's at risk
ABB Advant Master operators and Control Builder users managing process automation and control systems. This affects facilities using 800xA engineering and control platforms for process monitoring and command execution.
How it could be exploited
An attacker with local system access could place a malicious DLL file that gets loaded by the Online Builder component during system initialization or application startup. When a user runs the affected application, the malicious DLL executes with the user's privileges, allowing code execution on the control system.
Prerequisites
  • Local access to the affected system
  • User with privileges to log on to the system must run the application
  • Ability to place files in a location where the Online Builder searches for DLLs
Local access required | Low complexity | User interaction required | Affects process control integrity
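
One way to check the third prerequisite on an engineering workstation, as an added example that is not part of the advisory or ABB's material. `$AppDir` is a placeholder because the page does not give the install path, and auditing the application directory plus `PATH` assumes the standard Windows DLL search order applies.

```powershell
# Added example: find DLL search locations that ordinary users can write to.
# $AppDir is a placeholder; the advisory does not state the install path.
param(
    [string]$AppDir = 'C:\PLACEHOLDER\OnlineBuilder'
)

# Well-known SIDs of groups that include ordinary interactive users.
$broadSids = @(
    'S-1-1-0',       # Everyone
    'S-1-5-11',      # Authenticated Users
    'S-1-5-32-545',  # BUILTIN\Users
    'S-1-5-4'        # INTERACTIVE
)
# Rights that allow creating a file in a directory: WriteData/AddFile (0x2),
# AppendData (0x4), GENERIC_WRITE (0x40000000), GENERIC_ALL (0x10000000).
$writeBits = 0x2 -bor 0x4 -bor 0x40000000 -bor 0x10000000

function Test-UserWritable([string]$Dir) {
    # Looks only at Allow entries, so a Deny entry may make this over-report.
    $acl = Get-Acl -LiteralPath $Dir -ErrorAction Stop
    $rules = $acl.GetAccessRules($true, $true,
        [System.Security.Principal.SecurityIdentifier])
    foreach ($r in $rules) {
        if ($r.AccessControlType -eq 'Allow' -and
            $broadSids -contains $r.IdentityReference.Value -and
            ([int]$r.FileSystemRights -band $writeBits)) { return $true }
    }
    return $false
}

# Application directory first, then every PATH entry that exists.
$dirs = @($AppDir) + ($env:PATH -split ';' | Where-Object { $_ }) |
    Select-Object -Unique |
    Where-Object { Test-Path -LiteralPath $_ -PathType Container }

foreach ($d in $dirs) {
    try   { $w = Test-UserWritable $d } catch { $w = 'ACL unreadable' }
    [pscustomobject]@{ Directory = $d; UserWritable = $w }
}

# DLLs in the application directory without a valid Authenticode signature.
# Whether the vendor signs its DLLs is not stated on the page, so treat
# results as items to review, not as proof of tampering.
Get-ChildItem -LiteralPath $AppDir -Filter *.dll -File -ErrorAction SilentlyContinue |
    Get-AuthenticodeSignature |
    Where-Object Status -ne 'Valid' |
    Select-Object Path, Status
```

Any directory reported as `UserWritable = True` is a location where a low-privileged local user could place a file, which is the condition the prerequisites above describe.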
Exploitability
Unlikely to be exploited — EPSS score 0.1%
Affected products (5)
5 with fix
Product | Affected Versions | Fix Status
Control Builder A | ≤ 1.4/4 | 1.4/5
800xA for Advant Master | ≤ 6.0.3-1 | Fix available
800xA for Advant Master | ≤ 6.1.1-1 | Fix available
800xA for Advant Master | 6.1.1-3 | Fix available
800xA for Advant Master | 6.2.0-1 | Fix available
Remediation & Mitigation
Do now
  • HARDENING: Restrict system access to only authorized users with strong passwords that are changed regularly
  • HARDENING: Disable or manage USB ports and removable media devices to prevent unauthorized DLL file insertion
  • HARDENING: Restrict temporary connections of portable computers and external devices to the control system
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

  • HOTFIX: Update Control Builder A to version 1.4/5 or later
  • HOTFIX: Update 800xA for Advant Master versions 6.0.3-1, 6.1.1-1, 6.1.1-2, 6.1.1-3, or 6.1.1-4 to version 6.1.1-5 or later
  • HOTFIX: Update 800xA for Advant Master versions 6.2.0-1 or 6.2.0-2 to version 6.2.0-3 or later