Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3088 articles · 172013 vulns · 36/41 feeds (7d)
← Back to list
8.0
CVE-2025-14773
abb · t-mac plus

Stored Cross-Site Scripting in ABB T-MAC Plus web application

Description

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.

Affected Products

VendorProductVersions
abbt-mac plus4.0-24

References

  • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108472A7840&LanguageCode=en&DocumentPartId=&Action=Launch

Related News (2 articles)

Tier B
CCCS Canada34d ago
[Control systems] ABB security advisory (AV26-545)
→ No new info (linked only)
Tier C
VulDB34d ago
CVE-2025-14773 | ABB T-MAC Plus 4.0-24 cross site scripting
→ No new info (linked only)
CVSS 3.18.0 HIGH
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CISA KEV❌ No
Actively exploited❌ No
CWECWE-79
PublishedJun 3, 2026
Last enriched34d agov2
Trending Score1
Source articles2
Independent2
Info Completeness8/14
Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

PRE-CVE
Multiple vulnerabilities in ABB Ability zenon and APROL
Trending: 20
MEDIUMCVE-2025-13162
Advant Master Online Builder DLL vulnerability
Trending: 4
MEDIUMCVE-2025-7064
Freelance Security Lock – Access to Windows OS
Trending: 1
HIGHCVE-2025-14774
Communication analysis between the Card Reader and TP2CardReaderService daemon
Trending: 1
CRITICALCVE-2025-14771EXP
File Disclosure in ABB T-MAC Plus web application and in ABB T-MAC plus Server - Default IIS Web Site
Trending: 1

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jun 3, 2026
Discovered by ZDM
Jun 3, 2026
Updated: description
Jun 3, 2026

Version History

v2
Last enriched 34d ago
v2Tier C34d ago

Updated description with additional details and corrected exploit availability to false.

description
via VulDB
v134d ago

Initial creation