CVE-2025-14774
7.4 HIGHIncorrect Authorization vulnerability in ABB T-MAC Plus
Published: 2026-06-03 · Last updated: 2026-06-04
Severity and scoring
- CVSS
- 7.4 HIGH
- Vector
- CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
- CWE
- CWE-863
Affected products
| Vendor | Product |
|---|---|
| abb | t-mac_plus |
Description
Incorrect Authorization vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2025-14773 — Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus (8.0 HIGH)
- CVE-2025-14772 — Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus (8.8 HIGH)
- CVE-2025-14771 — Files or directories accessible to external parties vulnerability in ABB T-MAC Plus (9.9 CRITICAL)
- CVE-2019-10953 — ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions (7.5 HIGH)
Same CWE
- CVE-2026-49219 — ImageMagick is free and open-source software used for editing and manipulating digital images (5.5 MEDIUM)
- CVE-2026-53738 — Copy & Delete Posts through 1.5.4 lets any plugin-enabled non-admin role invoke every operation in the cdp_action_handling AJAX handler (8.1 HIGH)
- CVE-2026-49824 — Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (8.5 HIGH)
- CVE-2026-49823 — Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (7.7 HIGH)
- CVE-2026-48860 — Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl (inet_tls_dist module) allows unauthenticated bypass of the dis...