Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3085 articles · 172013 vulns · 37/41 feeds (7d)
← Back to list
9.9
CVE-2025-14771EXPLOITED
abb · t-mac_plus

File Disclosure in ABB T-MAC Plus web application and in ABB T-MAC plus Server - Default IIS Web Site

Description

Files or directories accessible to external parties vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.

Affected Products

VendorProductVersions
abbt-mac_plus4.0-24

References

  • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108472A7840&LanguageCode=en&DocumentPartId=&Action=Launch

Related News (2 articles)

Tier B
CCCS Canada34d ago
[Control systems] ABB security advisory (AV26-545)
→ No new info (linked only)
Tier C
VulDB34d ago
CVE-2025-14771 | ABB T-MAC Plus 4.0-24 file access
→ No new info (linked only)
CVSS 3.19.9 CRITICAL
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CISA KEV❌ No
Actively exploited✅ Yes
CWECWE-552
PublishedJun 3, 2026
Last enriched34d agov2
Trending Score1
Source articles2
Independent2
Info Completeness8/14
Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

PRE-CVE
Multiple vulnerabilities in ABB Ability zenon and APROL
Trending: 20
MEDIUMCVE-2025-13162
Advant Master Online Builder DLL vulnerability
Trending: 4
MEDIUMCVE-2025-7064
Freelance Security Lock – Access to Windows OS
Trending: 1
HIGHCVE-2025-14773
Stored Cross-Site Scripting in ABB T-MAC Plus web application
Trending: 1
HIGHCVE-2025-14774
Communication analysis between the Card Reader and TP2CardReaderService daemon
Trending: 1

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jun 3, 2026
Discovered by ZDM
Jun 3, 2026
Updated: description, activelyExploited
Jun 3, 2026
Actively Exploited
Jun 3, 2026

Version History

v2
Last enriched 34d ago
v2Tier C34d ago

Updated description with new details about the vulnerability and marked it as actively exploited.

descriptionactivelyExploited
via VulDB
v134d ago

Initial creation