CVE-2025-3465
π TL;DR
This path traversal vulnerability in ABB CoreSense HM and M10 devices allows attackers to access files outside the intended directory. It affects CoreSense HM versions through 2.3.1 and CoreSense M10 versions through 1.4.1.12. Attackers could potentially read sensitive system files or configuration data.
π» Affected Systems
- ABB CoreSenseβ’ HM
- ABB CoreSenseβ’ M10
β οΈ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
π Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
β οΈ Risk & Real-World Impact
Worst Case
Complete system compromise through reading sensitive configuration files, credentials, or system files leading to further attacks
Likely Case
Information disclosure of configuration files, potentially exposing network details or device credentials
If Mitigated
Limited impact if proper network segmentation and access controls prevent unauthorized access
π― Exploit Status
Path traversal vulnerabilities typically require minimal technical skill to exploit once the attack vector is identified
π οΈ Fix & Mitigation
β Official Fix
Patch Version: CoreSense HM: above 2.3.1; CoreSense M10: above 1.4.1.12
Vendor Advisory: https://search.abb.com/library/Download.aspx?DocumentID=3KXG200000R4801&LanguageCode=en&DocumentPartId=&Action=Launch
Restart Required: Yes
Instructions:
1. Download latest firmware from ABB portal. 2. Backup current configuration. 3. Apply firmware update following ABB documentation. 4. Verify update completed successfully. 5. Restore configuration if needed.
π§ Temporary Workarounds
Network Segmentation
allIsolate CoreSense devices from untrusted networks and internet
Access Control Lists
allImplement strict firewall rules limiting access to CoreSense devices
π§― If You Can't Patch
- Implement strict network segmentation to isolate vulnerable devices
- Deploy web application firewall with path traversal protection rules
π How to Verify
Check if Vulnerable:
Check device firmware version via web interface or CLI against affected versionsCheck Version:
Check via device web interface or consult ABB documentation for version query commandsVerify Fix Applied:
Verify firmware version is above affected ranges: HM > 2.3.1, M10 > 1.4.1.12π‘ Detection & Monitoring
Log Indicators:
- Unusual file access patterns
- Multiple ../ sequences in HTTP requests
- Access attempts to sensitive system paths
Network Indicators:
- HTTP requests containing ../ sequences
- Unusual file extensions in requests to CoreSense devices
SIEM Query:
http.uri contains "../" AND (device.vendor contains "ABB" OR device.model contains "CoreSense")