Home / Vulnerability Intelligence / CVE-2025-13779

CVE-2025-13779 - Vulnerability Analysis

HighCVSS: 8.3

Last Updated: March 16, 2026

ABB AWIN - Authentication Bypass

Published: March 13, 2026Updated: March 16, 2026

Overview

ABB AWIN GW100 rev.2 2.0-0, 2.0-1 and AWIN GW120 1.2-0, 1.2-1 contain a broken authentication caused by missing authentication for critical functions, letting attackers access critical functions without authentication, exploit requires no special conditions.

Severity & Score

Severity: High

CVSS Score: 8.3

EPSS Score: 2.6%(Probability of exploitation in next 30 days)

Impact

Attackers can access critical functions without authentication, potentially leading to unauthorized control or data manipulation.

Mitigation

Update to the latest available version.

References

https://search.abb.com/library/Download.aspx?DocumentID=4JNO000329&LanguageCode=en&DocumentPartId=&Action=Launch

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 14, 2026

🟠 CVE-2025-13779 - High (8.3) Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13779/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2025-13779
Severity: High
CVSS Score: 8.3
Type: broken_authentication
Status: unconfirmed
EPSS: 2.6%
Social Posts: 1

CWE

CWE-306

CVSS Metrics

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

EPSS Score

2.6%Probability of exploitation in the next 30 days