What is CVE-2025-3756?

CVE-2025-3756 is a medium-severity vulnerability in Abb Ac800m (System 800xa), classified under Improper Validation of Specified Quantity in Input. CVSS score: 6.5/10. Published 2026-04-13.

How severe is CVE-2025-3756?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Abb Ac800m (System 800xa)

CVE-2025-3756

A vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed as affected in this CVE. An attacker with access to IEC 61850 networks could exploit the vulnera bility by using a…

EPSS: 0.000 (8.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Abb Ac800m (System 800xa) — versions 6.0.0x, 6.1.0x, 6.1.1x
Abb S+ Operations — versions 2.1, 2.2, 2.3
Abb Symphony Plus Mr (Melody Rack) — versions 3.10
Abb Symphony Plus Sd Series — versions A_0, A_1, A_2.003

Weakness classification (CWE)

CWE-1284 — Improper Validation of Specified Quantity in Input

References

cybersecurity@ch.abb.com

Frequently asked questions

What is CVE-2025-3756?: CVE-2025-3756 is a medium-severity vulnerability in Abb Ac800m (System 800xa), classified under Improper Validation of Specified Quantity in Input. CVSS score: 6.5/10. Published 2026-04-13.
How severe is CVE-2025-3756?: Medium severity. CVSS v3 base score is 6.5 out of 10.