ABB B&R PVI

Monitor | CVSS 5 | ICS-CERT ICSA-26-125-02 | Jan 29, 2026
ABB
Attack path
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: Required
Summary

PVI contains a vulnerability where sensitive information can be written to log files. An attacker with local access to a machine running PVI could read this log data if logging has been manually enabled by a user. Logging is disabled by default. The vulnerability is fixed in PVI version 6.5.0. PVI is included in the Automation Studio installation package and shares the same version number.

What this means
What could happen
An attacker with local access to a system running PVI could read sensitive information (credentials, configuration details) from log files if logging has been enabled by a user. By default, logging is disabled, which significantly limits the practical risk.
Who's at risk
Organizations using ABB Automation Studio with PVI (Process Visualization Interface) for industrial automation programming and visualization on Windows systems. This affects engineering workstations and development environments where Automation Studio is installed.
How it could be exploited
An attacker with local access to a system running vulnerable PVI (versions before 6.5.0) could access log files on the machine and extract sensitive information. This requires the user to have explicitly enabled logging, which is not the default configuration.
Prerequisites
  • Local access to the machine running PVI
  • Logging must be manually enabled by the user (not enabled by default)
  • Ability to read files from the system where PVI is installed
Local access required | Low CVSS (5.0) | Logging disabled by default | No active exploitation reported
Exploitability
Unlikely to be exploited — EPSS score 0.0%
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
PVI <6.5.0 | <6.5.0 | 6.5.0
PVI <6.5.0 | <6.5.0 | 6.5.0
Remediation & Mitigation
Do now
WORKAROUND: If unable to patch immediately, disable logging in PVI settings (logging is disabled by default, so verify this setting across your Automation Studio installations).
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update PVI to version 6.5.0 or later
API: /api/v1/advisories/22b52b12-622f-4bbd-84ad-3ce46c9507fb
