ABB LVS MConfig Vulnerability Advisory
ABB has identified an internally discovered vulnerability in the MConfig product. This vulnerability affects the following versions: LVS <= 1.4.9.21. An attacker with access to local networks could exploit this vulnerability to gain access to sensitive information stored within the application.
Details of the Vulnerability
The vulnerability, classified as CVE-2025-9970, allows an attacker to export memory dump files during the runtime of the MConfig Software application. If passwords are stored in plain text, they may be included in these dump files. Mishandling of these files could lead to the extraction of sensitive user credentials.
Impact
The MConfig software is essential for parameterizing ABB LV switchgear components, including motor and feeder controllers, operation panels, and temperature monitoring solutions. The vulnerability can only be exploited if an attacker has physical access to the host machine running the MConfig software. If successfully exploited, this could compromise the operation of the switchgear components.
Recommendations
ABB strongly advises users to update to the latest software version, MConfig version 1.4.9.22, which resolves this vulnerability by implementing measures such as clearing authentication-related memory data after login and hashing passwords using SHA256. Additionally, CISA recommends minimizing network exposure for all control system devices and ensuring they are not accessible from the internet. It is also advised to locate control system networks behind firewalls and isolate them from business networks.
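A check an operator could run after upgrading, added here as an example and not ABB's code: log in with a throwaway credential, capture a dump of the process, and confirm the credential no longer appears in it. The string encodings, the canary value and the sample dump bytes are assumptions constructed for the example.

```python
import hashlib
import io

# Encodings a Windows desktop application commonly uses for in-memory strings
# (assumption: the advisory does not say how MConfig holds them).
ENCODINGS = ("utf-8", "utf-16-le")
CANARY = "Canary-Pw-7731"  # constructed throwaway test credential


def scan_dump(stream, canary, chunk_size=1 << 20):
    """Return sorted (encoding, offset) hits for the canary in a dump stream."""
    if not canary:
        raise ValueError("canary must be non-empty")
    patterns = {enc: canary.encode(enc) for enc in ENCODINGS}
    # Carry this many bytes forward so a match split across chunks is found.
    overlap = max(len(p) for p in patterns.values()) - 1
    hits, tail, base = set(), b"", 0  # base = file offset of tail[0]
    while chunk := stream.read(chunk_size):
        window = tail + chunk
        for enc, pat in patterns.items():
            pos = window.find(pat)
            while pos != -1:
                hits.add((enc, base + pos))  # set drops re-found matches
                pos = window.find(pat, pos + 1)
        keep = min(overlap, len(window))
        base += len(window) - keep
        tail = window[len(window) - keep:]
    return sorted(hits)


def sample_dump(fixed):
    """Constructed stand-in for process memory before or after the fix."""
    if fixed:  # only a SHA-256 digest of the credential remains
        secret = hashlib.sha256(CANARY.encode()).hexdigest().encode()
    else:      # plaintext credential left in a UTF-16 string buffer
        secret = CANARY.encode("utf-16-le")
    return b"\x00" * 37 + b"user=operator\x00" + secret + b"\x00" * 64


if __name__ == "__main__":
    for fixed in (False, True):
        hits = scan_dump(io.BytesIO(sample_dump(fixed)), CANARY, chunk_size=8)
        print("fixed" if fixed else "vulnerable", "->", hits or "no plaintext found")
```

For a real dump, pass the file opened in binary mode as `stream`; any hit means the test credential is still present in plaintext.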