Description
Authentication bypass by capture-replay vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1.
Published: 2026-03-13
Score: 7.2 High
EPSS: < 1% Very Low
KEV: No
Impact: Authentication Bypass
Action: Patch Immediately
AI Analysis

Impact

The vulnerability is a capture‑replay flaw that allows an attacker to replay valid credentials and gain unauthorized access to the device. Key weakness is improper session validation, identified as CWE‑294, which permits bypass of the authentication mechanism. This can compromise device control and insider access, potentially leading to unauthorized configuration changes.

Affected Systems

Affected vendors: ABB AWIN GW100 rev.2 and AWIN GW120. Specific product versions impacted are AWIN GW100 rev.2 versions 2.0-0 and 2.0-1, and AWIN GW120 versions 1.2-0 and 1.2-1.

Risk and Exploitability

The CVSS score of 7.2 indicates moderate to high severity. The EPSS score of less than 1 % reflects a low probability of exploitation at this time, and the vulnerability is not listed in CISA’s KEV catalog. Based on the description, the likely attack path involves capturing a valid session and replaying it over the network; no explicit remote code execution or privilege escalation is described, but the impact is immediate unauthorized access. The absence of an official workaround means risk mitigation relies on patching or isolation.

Generated by OpenCVE AI on March 19, 2026 at 14:39 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Review ABB’s firmware repository for updated AWIN GW100 rev.2 and AWIN GW120 releases
  • Install the latest firmware version that addresses the authentication bypass
  • Validate session management after the update
  • Restrict network access to the device until the firmware is updated

Generated by OpenCVE AI on March 19, 2026 at 14:39 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 16 Mar 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Abb
Abb awin Gw100 Rev.2
Abb awin Gw120
Vendors & Products Abb
Abb awin Gw100 Rev.2
Abb awin Gw120

Fri, 13 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 13 Mar 2026 13:15:00 +0000

Type Values Removed Values Added
Description Authentication bypass by capture-replay vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1.
Title Authentication Bypass due to Improper Session Validation
Weaknesses CWE-294
References
Metrics cvssV3_1

{'score': 8.3, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H'}

cvssV4_0

{'score': 7.2, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Abb Awin Gw100 Rev.2 Awin Gw120
cve-icon MITRE

Status: PUBLISHED

Assigner: ABB

Published:

Updated: 2026-03-13T13:35:36.115Z

Reserved: 2025-11-28T14:22:32.497Z

Link: CVE-2025-13777

cve-icon Vulnrichment

Updated: 2026-03-13T13:35:33.495Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-13T19:53:49.073

Modified: 2026-03-16T14:54:11.293

Link: CVE-2025-13777

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-23T12:03:00Z

Weaknesses