CVE-2025-3756 - Vulnerability Details

- Denial of Service Vulnerabilities in System 800xA, Symphony® Plus IEC 61850

Description

A vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed as affected in this CVE. An attacker with access to IEC 61850 networks could exploit the vulnera bility by using a specially crafted 61850 packet, forcing the communication interfaces of the PM 877, CI850 and CI868 modules into fault mode or causing unavailability of the S+ Operations 61850 connectivity, resulting in a denial-of-service situation.

The System 800xA IEC61850 Connect is not affected. Note: This vulnerability does not impact on the overall availability and functionality of the S+ Operations node, only the 61850 communication function.

This issue affects AC800M (System 800xA): from 6.0.0x through 6.0.0303.0, from 6.1.0x through 6.1.0031.0, from 6.1.1x through 6.1.1004.0, from 6.1.1x through 6.1.1202.0, from 6.2.0x through 6.2.0006.0; Symphony Plus SD Series: A_0, A_1, A_2.003, A_3.005, A_4.001, B_0.005; Symphony Plus MR (Melody Rack): from 3.10 through 3.52; S+ Operations: 2.1, 2.2, 2.3, 3.3.

Published: 2026-04-13

Score: 7.1 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

A vulnerability in the command handling of the IEC 61850 stack allows an attacker with access to IEC 61850 networks to send a specially crafted packet that can force the communication interfaces of the PM 877, CI850, and CI868 modules into fault mode or render the S+ Operations 61850 connectivity unavailable, leading to a denial‑of‑service for the affected communication functions. The weakness is a misuse of resources due to improper command validation, identified as CWE‑1284.

Affected Systems

The affected products are ABB AC800M (System 800xA) revisions from 6.0.0x through 6.0.0303.0, from 6.1.0x through 6.1.0031.0, from 6.1.1x through 6.1.1004.0, from 6.1.1x through 6.1.1202.0, and from 6.2.0x through 6.2.0006.0; Symphony Plus SD Series models A_0, A_1, A_2.003, A_3.005, A_4.001, B_0.005; Symphony Plus MR (Melody Rack) models from 3.10 to 3.52; and S+ Operations models 2.1, 2.2, 2.3, and 3.3. The System 800xA IEC 61850 Connect variant is explicitly not affected.

Risk and Exploitability

The CVSS score of 7.1 indicates a moderate severity while the EPSS score is unavailable and the vulnerability is not listed in CISA’s KEV catalog. Exploitation requires network access to the IEC 61850 domain, suggesting the attack vector is remote, within the operational network that handles IEC 61850 traffic. The impact is localized to the communication interfaces, causing denial of service for 61850 connectivity but not affecting the overall system availability or core functionality of the S+ Operations node. Given the moderate severity and the need for specialized network access, the risk to an organization with strong network segmentation may be lower, but any exposed IEC 61850 network could be a potential entry point.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

ABB

AC800M (System 800xA)

unaffected

Version	Status	Constraints
`6.0.0x`	affected	≤ 6.0.0303.0
`6.1.0x`	affected	≤ 6.1.0031.0
`6.1.1x`	affected	≤ 6.1.1004.0
`6.1.1x`	affected	≤ 6.1.1202.0
`6.2.0x`	affected	≤ 6.2.0006.0

ABB

Symphony Plus SD Series

unaffected

Version	Status	Constraints
`A_0`	affected	—
`A_1`	affected	—
`A_2.003`	affected	—
`A_3.005`	affected	—
`A_4.001`	affected	—
`B_0.005`	affected	—

ABB

Symphony Plus MR (Melody Rack)

unaffected

Version	Status	Constraints
`3.10`	affected	≤ 3.52

ABB

S+ Operations

unaffected

Version	Status	Constraints
`2.1`	affected	—
`2.2`	affected	—
`2.3`	affected	—
`3.3`	affected	—

No data.

Vendor Product Confidence Versions

Abb

800xa System

100%

Version	Status	Scheme	Platform
`[6.0.0x,6.0.0303.0]`	affected	generic	—
`[6.1.0x,6.1.0031.0]`	affected	generic	—
`[6.1.1x,6.1.1004.0]`	affected	generic	—
`[6.1.1x,6.1.1202.0]`	affected	generic	—
`[6.2.0x,6.2.0006.0]`	affected	generic	—

Abb

Symphony + Operations

81%

Version	Status	Scheme	Platform
`2.1`	affected	generic	—
`2.2`	affected	generic	—
`2.3`	affected	generic	—
`3.3`	affected	generic	—

Abb

Symphony Plus Mr (melody Rack)

100%

Version	Status	Scheme	Platform
`[3.10,3.52]`	affected	generic	—

Abb

Symphony Plus Sd Series

100%

Version	Status	Scheme	Platform
`A_0`	affected	generic	—
`A_1`	affected	generic	—
`A_2.003`	affected	generic	—
`A_3.005`	affected	generic	—
`A_4.001`	affected	generic	—
`B_0.005`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the software update released by ABB for the affected AC800M, Symphony Plus SD, Symphony Plus MR, and S+ Operations revisions listed in the ABB advisory (DocumentID=7PAA020125).
Ensure that the System 800xA IEC 61850 Connect variant remains up‑to‑date to avoid other vulnerabilities.
Segment the network and restrict IEC 61850 traffic to trusted devices with dedicated firewall rules.
Monitor IEC 61850 traffic for anomalous packets that could indicate attempts to trigger the vulnerability.

Generated by OpenCVE AI on April 13, 2026 at 18:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00038.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://search.abb.com/library/Download.aspx?DocumentID=7PAA020125&LanguageCode=en&DocumentPartId=&Action=Launch

History

Tue, 14 Apr 2026 16:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Abb Abb 800xa System Abb symphony + Operations Abb symphony Plus Mr (melody Rack) Abb symphony Plus Sd Series
Vendors & Products		Abb Abb 800xa System Abb symphony + Operations Abb symphony Plus Mr (melody Rack) Abb symphony Plus Sd Series

Mon, 13 Apr 2026 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 13 Apr 2026 17:45:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed as affected in this CVE. An attacker with access to IEC 61850 networks could exploit the vulnera bility by using a specially crafted 61850 packet, forcing the communication interfaces of the PM 877, CI850 and CI868 modules into fault mode or causing unavailability of the S+ Operations 61850 connectivity, resulting in a denial-of-service situation. The System 800xA IEC61850 Connect is not affected. Note: This vulnerability does not impact on the overall availability and functionality of the S+ Operations node, only the 61850 communication function. This issue affects AC800M (System 800xA): from 6.0.0x through 6.0.0303.0, from 6.1.0x through 6.1.0031.0, from 6.1.1x through 6.1.1004.0, from 6.1.1x through 6.1.1202.0, from 6.2.0x through 6.2.0006.0; Symphony Plus SD Series: A_0, A_1, A_2.003, A_3.005, A_4.001, B_0.005; Symphony Plus MR (Melody Rack): from 3.10 through 3.52; S+ Operations: 2.1, 2.2, 2.3, 3.3.
Title		Denial of Service Vulnerabilities in System 800xA, Symphony® Plus IEC 61850
Weaknesses		CWE-1284
References		https://search.abb.com/library/Download.aspx?DocumentID=7PAA020125&LanguageCode=en&DocumentPartId=&Action=Launch
Metrics		cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}` cvssV4_0 `{'score': 7.1, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}`

Subscriptions

Abb 800xa System Symphony + Operations Symphony Plus Mr (melody Rack) Symphony Plus Sd Series

MITRE

Status: PUBLISHED

Assigner: ABB

Published: 2026-04-13T17:11:08.412Z

Updated: 2026-04-13T18:03:41.437Z

Reserved: 2025-04-17T10:42:33.414Z

Link: CVE-2025-3756

Vulnrichment

Updated: 2026-04-13T18:03:25.807Z

NVD

Status : Awaiting Analysis

Published: 2026-04-13T18:16:27.887

Modified: 2026-04-17T15:18:16.507

Link: CVE-2025-3756

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-14T16:33:51Z

Weaknesses

CWE-1284

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object