CVE-2025-13778

CWE-306Missing Authentication3 documents3 sources
Severity
7.1HIGH
EPSS
0.0%
top 89.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
ABB Awin Gw100 Rev.2ABB Awin Gw120
Timeline
PublishedMar 13

Description

Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1.

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5abb/awin_gw1201.2-0, 1.2-1+1
CVEListV5abb/awin_gw100_rev.22.0-0, 2.0-1+1

🔴Vulnerability Details

2
GHSA
GHSA-vq55-x4qg-pqgj: Missing authentication for critical function vulnerability in ABB AWIN GW100 rev2026-03-13
CVEList
Device Reboot Control2026-03-13