cve 2025 10571

CVE-2025-10571 is a critical authentication-bypass vulnerability in ABB Ability Edgenius Management Portal versions 3.2.0.0 and 3.2.1.1, with a CVSS score of 9.6. This flaw allows a network-adjacent attacker to execute arbitrary code and modify deployed applications, posing significant risks to industrial edge platforms. CISA republished ABB's advisory on April 30, 2026. ABB has released a fix in version 3.2.2.0. The vulnerability highlights how edge management planes have become a soft target in industrial control systems, emphasizing the need for prompt patching and security hardening in OT environments.