---
title: "ABB Busch-Welcome Door Actuator Flaw Grants Unauthorized Building Access"
short_title: "ABB door actuator vulnerability exposes buildings to hackers"
description: "ABB warns of a medium-severity flaw in Busch-Welcome 2 Wire Door Opener Actuators, enabling attackers to bypass authentication and gain physical access. Learn how to mitigate."
author: "Vitus"
date: 2024-10-25
categories: [Cybersecurity, Vulnerabilities]
tags: [abb, cve-2025-7705, iot-security, physical-security, authentication-bypass]
score: 0.65
cve_ids: [CVE-2025-7705]
---
## TL;DR
ABB has disclosed a vulnerability (CVE-2025-7705) in its Busch-Welcome 2 Wire Door Opener Actuator, allowing attackers to bypass authentication and gain unauthorized physical access to buildings. The flaw, rated 6.8 (Medium), affects all versions of the Switch Actuator 4 DU and Switch Actuator (Door/Light) 4 DU. ABB recommends a simple on-premise recalibration to mitigate the risk.
Main Content
### Critical Flaw in ABB Door Actuators Puts Physical Security at Risk
Building automation systems are the backbone of modern infrastructure, but a newly disclosed vulnerability in ABB’s Busch-Welcome 2 Wire Door Opener Actuator threatens to undermine their integrity. Attackers exploiting this flaw could bypass authentication mechanisms, gaining unauthorized physical access to commercial facilities worldwide. ABB has issued an advisory detailing the vulnerability and urging customers to apply mitigations immediately.
### Key Points
- Vulnerability Identified: CVE-2025-7705, an active debug code issue, enables authentication bypass in affected ABB door actuators.
- Affected Products: All versions of Switch Actuator 4 DU and Switch Actuator (Door/Light) 4 DU.
- Impact: Successful exploitation could grant attackers physical access to buildings where the devices are installed.
- Severity: Rated 6.8 (Medium) on the CVSS scale, with a physical attack vector (AV:P).
- Mitigation: ABB recommends a mode-switch recalibration and power reset to resolve the misconfiguration.
### Technical Details
#### Vulnerability Breakdown
The vulnerability stems from an active debug code left enabled by default in the Busch-Welcome 2 Wire Door Opener Actuator. This debug mode, intended for development and troubleshooting, inadvertently creates a compatibility mode that bypasses authentication. Attackers with physical access to the device can exploit this flaw to manipulate the system and gain entry to secured areas.
#### Affected Systems
The following ABB products are impacted:
- Switch Actuator 4 DU (all versions)
- Switch Actuator (Door/Light) 4 DU (all versions)
These devices are deployed globally across commercial facilities, making the vulnerability a significant concern for organizations relying on ABB’s building automation solutions.
#### CVSS Metrics
The vulnerability has been assigned the following CVSS metrics:
- Base Score: 6.8 (Medium)
- Vector String: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Attack Vector: Physical (AV:P), meaning exploitation requires physical access to the device.
- Impact: High confidentiality, integrity, and availability impact (C:H/I:H/A:H).
### Impact Assessment
#### Physical Security Risks
The most alarming consequence of CVE-2025-7705 is its potential to compromise physical security. Attackers who exploit this flaw could:
- Gain unauthorized entry to sensitive areas such as offices, data centers, or restricted zones.
- Bypass security protocols designed to protect employees, assets, and confidential information.
- Exploit the vulnerability in combination with other attack vectors to escalate privileges or move laterally within a facility.
#### Sector-Specific Concerns
The vulnerability primarily affects the commercial facilities sector, which includes:
- Office buildings
- Retail spaces
- Hospitality venues
- Educational institutions
Given the global deployment of ABB’s Busch-Welcome systems, organizations worldwide must act swiftly to mitigate the risk.
### Mitigation Steps
ABB has provided a straightforward on-premise mitigation procedure to address the vulnerability:
1. Toggle the Mode Switch: While the system is operational, switch the device from "Door-Open" mode to "Light" mode, wait one second, and switch it back to "Door-Open" mode.
2. Power Reset: Restart the Busch-Welcome system by performing a power reset (turning mains power off and on again).
3. Recalibration: The system will automatically recalibrate during boot-up, correcting the misconfiguration.
ABB urges customers to apply these steps at the earliest convenience to prevent exploitation.
#### Additional Recommendations
- Review System Handbooks: Consult the Busch-Welcome 2 Wire System handbook for security best practices during installation and configuration.
- Network Isolation: Ensure control system devices are not accessible from the internet and are isolated behind firewalls.
- Remote Access: If remote access is required, use secure methods such as VPNs, and ensure all connected devices are up-to-date.
- Monitor for Suspicious Activity: Organizations should monitor for unusual access patterns and report any suspected malicious activity to CISA or local cybersecurity authorities.
## Conclusion
The discovery of CVE-2025-7705 in ABB’s Busch-Welcome 2 Wire Door Opener Actuator underscores the critical intersection of cybersecurity and physical security. While the vulnerability requires physical access to exploit, its potential impact on building security cannot be underestimated. Organizations using affected ABB products must act immediately to apply the recommended mitigations and safeguard their facilities.
As building automation systems become increasingly interconnected, vulnerabilities like this serve as a reminder of the importance of proactive security measures, regular audits, and adherence to vendor guidelines. Stay vigilant, patch promptly, and prioritize the security of both digital and physical assets.
## References
[^1]: ABB PSIRT. "ICSA-26-148-04: ABB Busch-Welcome 2 Wire Door Opener Actuator Vulnerability". CISA. Retrieved 2024-10-25.
[^2]: CVE Details. "CVE-2025-7705". CVE. Retrieved 2024-10-25.
[^3]: MITRE. "CWE-489: Active Debug Code". MITRE. Retrieved 2024-10-25.