{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/products/optimax-6.2/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":8.1,"id":"CVE-2025-14510"}],"_cs_exploited":false,"_cs_products":["OPTIMAX 6.1","OPTIMAX 6.2","OPTIMAX 6.3","OPTIMAX 6.4","Azure Active Directory"],"_cs_severities":["high"],"_cs_tags":["authentication bypass","ics","vulnerability"],"_cs_type":"advisory","_cs_vendors":["ABB","Microsoft"],"content_html":"\u003cp\u003eA critical vulnerability, CVE-2025-14510, affects ABB Ability OPTIMAX versions that utilize Azure Active Directory (Azure AD) for Single-Sign On (SSO) authentication. This flaw stems from an incorrect implementation of the authentication algorithm, potentially allowing attackers to bypass the Azure AD authentication mechanism and gain unauthorized access to the OPTIMAX system. The affected versions include ABB Ability OPTIMAX 6.1 and 6.2 (all versions), 6.3 versions prior to 6.3.1-251120, and 6.4 versions prior to 6.4.1-251120. Successful exploitation could lead to significant disruption in energy, water, and wastewater sectors. The vulnerability was reported to CISA by ABB PSIRT.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker identifies an ABB Ability OPTIMAX installation using Azure AD SSO with a vulnerable version (6.1, 6.2, 6.3 \u0026lt; 6.3.1-251120, or 6.4 \u0026lt; 6.4.1-251120).\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious authentication request, exploiting the incorrect implementation of the authentication algorithm (CWE-303).\u003c/li\u003e\n\u003cli\u003eThe crafted request bypasses the expected Azure AD authentication checks within OPTIMAX.\u003c/li\u003e\n\u003cli\u003eOPTIMAX incorrectly validates the attacker\u0026rsquo;s session, granting them access to the system.\u003c/li\u003e\n\u003cli\u003eThe attacker leverages their unauthorized access to gain control over OPTIMAX functionalities.\u003c/li\u003e\n\u003cli\u003eThe attacker can then modify control parameters, manipulate data, or disrupt operations within the connected industrial processes.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2025-14510 enables unauthorized access to ABB Ability OPTIMAX systems, potentially leading to severe consequences in critical infrastructure sectors such as energy, water, and wastewater. An attacker could manipulate industrial processes, disrupt critical services, or cause significant financial and operational damage. Given the widespread deployment of ABB Ability OPTIMAX systems globally, a successful campaign exploiting this vulnerability could have far-reaching impact.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImmediately update ABB Ability OPTIMAX to fixed versions (6.3.1-251120 and later) to remediate CVE-2025-14510.\u003c/li\u003e\n\u003cli\u003eRefer to ABB PSIRT security advisory 9AKK108472A1331 for detailed mitigation steps and recommendations.\u003c/li\u003e\n\u003cli\u003eMinimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet, as per CISA\u0026rsquo;s recommended practices.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-30T12:00:00Z","date_published":"2026-04-30T12:00:00Z","id":"/briefs/2026-04-optimax-auth-bypass/","summary":"CVE-2025-14510 allows an attacker to bypass Azure Active Directory Single-Sign On authentication in vulnerable ABB Ability OPTIMAX versions, potentially granting unauthorized access to critical infrastructure systems.","title":"ABB Ability OPTIMAX Authentication Bypass Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-04-optimax-auth-bypass/"}],"language":"en","title":"CraftedSignal Threat Feed — OPTIMAX 6.2","version":"https://jsonfeed.org/version/1.1"}