OTPulse

PVI Insertion of Sensitive Information into Logfile

Monitor | CVSS 5 | SA26P001 | Jan 29, 2026
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: Required
Summary

ABB has disclosed a vulnerability in PVI (included in Automation Studio) versions prior to 6.5.0 where sensitive information can be exposed in client application log files. The vulnerability allows a user with local access and low privileges to read logging data if logging has been enabled. Logging is disabled by default. ABB has released PVI 6.5.0 as a corrected version. The fix is available through the Automation Studio installation package update process.

What this means
What could happen
An attacker with local access and low privileges could read sensitive information (credentials, process parameters, or configuration details) from PVI client application log files if logging has been enabled by an operator or engineer.
Who's at risk
Automation engineers and system integrators using ABB PVI (Power and Voltage Interface) client software on engineering workstations. Organizations using Automation Studio installations that bundle PVI should verify their version, as PVI shares the version number with the corresponding Automation Studio release.
How it could be exploited
An attacker with a user account on the engineering workstation running PVI would access log files stored locally on disk. Since logging is disabled by default, exploitation requires that an operator or engineer first enables logging for troubleshooting or diagnostics. The attacker then reads the unencrypted log files to extract sensitive data.
Prerequisites
  • Local access to the engineering workstation running PVI
  • Valid user account with permissions to read application log files
  • Logging must be explicitly enabled by the operator (disabled by default)
  • PVI version prior to 6.5.0
  • Local access only (not remotely exploitable)
  • Requires valid user account credentials
  • Requires explicit logging enablement (disabled by default)
  • Affects engineering/configuration systems, not runtime controllers
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
Product | Affected Versions | Fix Status
PVI <6.5.0 | <6.5.0 | 6.5.0
Remediation & Mitigation
Do now
WORKAROUND: Disable logging in PVI unless actively troubleshooting; review and delete old log files containing sensitive data
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update PVI to version 6.5.0 or later
Long-term hardening
HARDENING: Limit local user account access to engineering workstations and restrict file system permissions on PVI log directories
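
A read-only audit for the workaround and hardening items above, added here as an example and not taken from ABB or OTPulse. The log directory is passed in as `$LogDir` because the advisory does not state where PVI writes its logs, and the 30-day age threshold is an assumption.

```powershell
# Added example. $LogDir is a placeholder: the advisory does not give the PVI log path.
param(
    [Parameter(Mandatory)] [string] $LogDir,
    [int] $MaxAgeDays = 30   # assumed review threshold, not from the advisory
)

# Well-known SIDs of broad groups that should not be able to read diagnostic logs.
$broadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
}
# ReadData (0x1), plus GENERIC_READ and GENERIC_ALL as they appear on inherit-only ACEs.
$readMask = 0x1 -bor 0x80000000 -bor 0x10000000

# 1. Flag allow-ACEs on the log directory that give a broad group read access.
$acl = Get-Acl -LiteralPath $LogDir
$aclFindings = foreach ($ace in $acl.Access) {
    if ($ace.AccessControlType -ne 'Allow') { continue }
    if (([int]$ace.FileSystemRights -band $readMask) -eq 0) { continue }
    try {
        $sid = $ace.IdentityReference.Translate(
            [System.Security.Principal.SecurityIdentifier]).Value
    } catch { continue }   # identity cannot be mapped to a SID, skip it
    if ($broadSids.ContainsKey($sid)) {
        [pscustomobject]@{
            Path      = $LogDir
            Group     = $broadSids[$sid]
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
        }
    }
}

# 2. List files older than the threshold so they can be reviewed and deleted.
$cutoff = (Get-Date).AddDays(-$MaxAgeDays)
$staleLogs = Get-ChildItem -LiteralPath $LogDir -File -Recurse -ErrorAction SilentlyContinue |
    Where-Object { $_.LastWriteTime -lt $cutoff } |
    Select-Object FullName, Length, LastWriteTime

# Report only: nothing is changed or deleted by this script.
$aclFindings | Format-Table -AutoSize
$staleLogs   | Format-Table -AutoSize
```

An inherited finding means the permission has to be fixed on the parent folder or inheritance broken on the log directory itself.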
PVI Insertion of Sensitive Information into Logfile | CVSS 5 - OTPulse