CVE-2025-09876

HighProof-of-Concept

ABB AC500 PLC Denial of Service via Malformed Packets

7.5

CVSS v3.1 Base Score

High severity — Prioritize remediation

AV: Network AC: LowAuth: None

ABB AC500 V3 PLCs crash when receiving malformed PROFINET UDP packets on the CM579-PNIO module. The attack causes a non-recoverable CPU fault requiring physical restart. No code execution, but denial of service in safety-critical environments is a serious concern. No known active exploitation.

Status

Proof-of-Concept

Complexity

Low

Auth Required

Initial Access

PROFINET UDP multicast (UDP/34962-34964)

Known Techniques

Malformed PROFINET DCP Identify request with invalid block length
Rapid PROFINET alarm notification flood exceeding queue capacity

Published:2025-01-28

Modified:2025-02-08

Vendor:ABB

CWE:CWE-400

Uncontrolled Resource Consumption

Risk Summary

Overall RiskHigh

ExploitationProof-of-Concept

DetectionMedium coverage

Detection Rate85%

Rules Available1

CVE-2025-09876

ABB AC500 PLC Denial of Service via Malformed Packets

CVSS v3.1 Base Score

Executive Summary

Exploitation Context

Technical Vulnerability Breakdown

Full Description

Detection & Rule Intelligence (1 rules)

Rule Effectiveness & Testing Results

OT Risk Assessment

Mitigation & Response Guidance

Recommendations & Tuning Notes

Affected Products

References