{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/ppt30-operating-system/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.5,"id":"CVE-2025-11482"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["PPT30 Operating System"],"_cs_severities":["medium"],"_cs_tags":["industrial control system","denial of service","vulnerability"],"_cs_type":"advisory","_cs_vendors":["ABB"],"content_html":"\u003cp\u003eOn May 26, 2026, ABB published a security advisory addressing CVE-2025-11482, a vulnerability affecting the PPT30 Operating System. This vulnerability specifically impacts the PPT30 OPC-UA Server and its ability to handle concurrent connections. The affected versions are those prior to 1.8.0. Successful exploitation could lead to denial of service or other unspecified impacts on the industrial control system. This advisory highlights the importance of patching industrial control systems to maintain operational integrity.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a vulnerable PPT30 Operating System running a version prior to 1.8.0.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a series of concurrent connection requests to the PPT30 OPC-UA Server.\u003c/li\u003e\n\u003cli\u003eThe OPC-UA Server attempts to process all incoming connection requests.\u003c/li\u003e\n\u003cli\u003eDue to the vulnerability (CVE-2025-11482), the server\u0026rsquo;s resources are exhausted by the flood of connection attempts.\u003c/li\u003e\n\u003cli\u003eThe OPC-UA server becomes unresponsive, leading to a denial-of-service condition.\u003c/li\u003e\n\u003cli\u003eCritical control system functions reliant on the OPC-UA server are impacted.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2025-11482 can lead to a denial-of-service condition within industrial control systems utilizing the affected ABB PPT30 Operating System. This can disrupt critical operations, potentially leading to process interruptions and safety concerns. The number of affected systems is currently unknown, but the vulnerability affects any deployment running PPT30 Operating System versions prior to 1.8.0.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade the PPT30 Operating System to version 1.8.0 or later to patch CVE-2025-11482, as recommended in the ABB security advisory (\u003ca href=\"https://br-cws-assets.de-fra-1.linodeobjects.com/SA25P006-0eec719c.pdf\"\u003ehttps://br-cws-assets.de-fra-1.linodeobjects.com/SA25P006-0eec719c.pdf\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for suspicious connection patterns targeting OPC-UA servers on systems running PPT30, using the provided Sigma rule.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-26T14:36:29Z","date_published":"2026-05-26T14:36:29Z","id":"https://feed.craftedsignal.io/briefs/2026-05-abb-ppt30-cve-2025-11482/","summary":"A vulnerability, CVE-2025-11482, exists in ABB's PPT30 Operating System related to handling concurrent connections in the PPT30 OPC-UA Server, affecting versions prior to 1.8.0.","title":"ABB PPT30 Operating System Vulnerability (CVE-2025-11482)","url":"https://feed.craftedsignal.io/briefs/2026-05-abb-ppt30-cve-2025-11482/"}],"language":"en","title":"CraftedSignal Threat Feed — PPT30 Operating System","version":"https://jsonfeed.org/version/1.1"}