CVE-2025-13777

CWE-2943 documents3 sources
Severity
7.2HIGH
EPSS
0.0%
top 91.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
ABB Awin Gw100 Rev.2ABB Awin Gw120
Timeline
PublishedMar 13

Description

Authentication bypass by capture-replay vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1.

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5abb/awin_gw1201.2-0, 1.2-1+1
CVEListV5abb/awin_gw100_rev.22.0-0, 2.0-1+1

🔴Vulnerability Details

2
CVEList
Authentication Bypass due to Improper Session Validation2026-03-13
GHSA
GHSA-7q82-436p-v87w: Authentication bypass by capture-replay vulnerability in ABB AWIN GW100 rev2026-03-13