CVE-2025-4676

CWE-3033 documents3 sources

Severity

8.4HIGH

EPSS

0.0%

top 98.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ABB Webpro Snmp Card Powervalue ABB Webpro Snmp Card Powervalue UL

Timeline

PublishedJan 7

Description

Incorrect Implementation of Authentication Algorithm vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP Card PowerValue UL.This issue affects WebPro SNMP Card PowerValue: through 1.1.8.K; WebPro SNMP Card PowerValue UL: through 1.1.8.K.

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:H/SI:H/SA:H

Affected Packages2 packages

▶CVEListV5abb/webpro_snmp_card_powervalue1.1.8.k

▶CVEListV5abb/webpro_snmp_card_powervalue_ul1.1.8.k

🔴Vulnerability Details

CVEList

Authentication bypass by brute forcing Authentication Headers↗2026-01-07

▶

GHSA

GHSA-m9qp-frxf-whqw: Incorrect Implementation of Authentication Algorithm vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP Card PowerValue UL↗2026-01-07

▶