CVE-2025-6072

Summary

Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE.

When the REST interface is enabled by the user, and an attacker gains access to the control network, and CVE-2025-6074 is exploited, the attacker can use the JSON configuration to overflow the date of expiration field.This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016.

Affected Software

VendorProductVersion RangeStatus
ABBRMC-1002105457-043 <= 2105457-045affected
ABBRMC-100 LITE2106229-015 <= 2106229-016affected

Weaknesses

  • CWE-121: CWE-121 Stack-based Buffer Overflow

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References