ABB Zenon Software Flaw Allows Unauthorized System Reboot

ABB has identified a critical vulnerability in its Ability Zenon Remote Transport software affecting versions 7.50 through 14. The flaw enables attackers to bypass authentication and trigger unauthorized system reboots without proper credentials. The vulnerability (CVE-2025-8754) stems from missing authentication controls in the default configuration. Exploitation requires prior network access to affected systems. The vulnerability impacts critical infrastructure sectors including energy, healthcare, water management, and communications worldwide. Currently, no active exploitation in the wild has been reported. ABB recommends restricting network access to systems running the affected software as a temporary measure. Source: ABB Security Advisory.