CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-3395: Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information vulnerability in ABB Automation Builder.This...

7.1 CVSS

Description

Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0.

Classification

CVE ID: CVE-2025-3395

CVSS Base Severity: HIGH

CVSS Base Score: 7.1

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Problem Types

CWE-732 Incorrect Permission Assignment for Critical Resource CWE-312 Cleartext Storage of Sensitive Information

Affected Products

Vendor: ABB

Product: Automation Builder

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.01% (probability of being exploited)

EPSS Percentile: 0.24% (scored less or equal to compared to others)

EPSS Date: 2025-05-29 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-3395
https://search.abb.com/library/Download.aspx?DocumentID=3ADR011407&LanguageCode=en&DocumentPartId=&Action=Launch

Timeline

2025-04-30 13:40:10 UTC
CVE

Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information vulnerability in ABB Automation Builder.This...