---
title: "ABB CoreSense Path Traversal Flaw Exposes Critical Systems to Attack"
short_title: "ABB CoreSense path traversal vulnerability exposed"
description: "ABB patches high-severity path traversal flaw (CVE-2025-3465) in CoreSense HM and M10. Learn how to secure affected systems and mitigate risks now."
author: "Vitus"
date: 2024-10-02
categories: [Cybersecurity, Vulnerabilities]
tags: [abb, path-traversal, cve-2025-3465, ot-security, critical-infrastructure]
score: 0.78
cve_ids: [CVE-2025-3465]
---
## TL;DR
ABB has released critical security updates to address a high-severity path traversal vulnerability (CVE-2025-3465) in its CoreSense HM and CoreSense M10 products. If exploited, this flaw could allow unauthenticated attackers to access restricted directories, compromise systems, and expose sensitive data. Affected organizations are urged to apply patches immediately and implement recommended mitigations to reduce exposure.
### Introduction
Industrial control systems (ICS) are increasingly targeted by cyber threats, putting critical infrastructure at risk. ABB, a global leader in industrial technology, has issued a security advisory addressing a high-severity path traversal vulnerability in its CoreSense HM and CoreSense M10 products. Tracked as CVE-2025-3465, this flaw could enable attackers to bypass security controls and gain unauthorized access to sensitive directories. Organizations in food and agriculture, commercial facilities, and critical manufacturing sectors must act swiftly to secure their systems.
### Key Points
- Vulnerability: Path traversal flaw (CVE-2025-3465) in ABB CoreSense HM and CoreSense M10.
- Severity: High (CVSS 7.1) with potential for complete system compromise.
- Affected Versions:
  - CoreSense™ HM ≤ 2.3.1, 2.3.4
  - CoreSense™ M10 ≤ 1.4.1.12, 1.4.1.31
- Mitigation: Apply patches (CoreSense™ HM v2.3.4 / M10 v1.4.1.31) and restrict local access.
- Impacted Sectors: Food and agriculture, commercial facilities, and critical manufacturing.
### Technical Details
The vulnerability stems from improper limitation of a pathname to a restricted directory, a classic path traversal issue (CWE-22). Attackers can exploit this flaw by manipulating input data in the file parameter of the CoreSense products. Successful exploitation could lead to:
- Unauthorized access to restricted directories.
- Exposure of sensitive system information.
- Potential full system compromise.
The flaw is exploitable only when an attacker has local access to the machine hosting the web application, such as through malicious software or misconfigured firewalls.
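The CWE-22 pattern described above, a file parameter joined onto a base directory with no containment check, next to the hardened form, as an added example that is not ABB's code and does not reflect the CoreSense implementation. The sandbox layout (`webroot/status.txt`, a `secret.txt` one level up) is constructed for the example; the fix canonicalises the path with `realpath()` before comparing it with the base directory, so `..` segments and symlinks are resolved before the check rather than after it.

```python
import os
import tempfile


def make_sandbox():
    """Constructed layout (assumption, not the product's): 'webroot' is the
    only directory the handler may serve from; 'secret.txt' one level up
    stands in for the restricted directories a traversal would reach."""
    root = tempfile.mkdtemp()
    base = os.path.join(root, "webroot")
    os.makedirs(base)
    with open(os.path.join(base, "status.txt"), "w") as fh:
        fh.write("ok")
    with open(os.path.join(root, "secret.txt"), "w") as fh:
        fh.write("restricted")
    return base


def read_file_vulnerable(base, name):
    """CWE-22 pattern: the request's file parameter is joined onto the base
    directory with no containment check, so '..' segments walk out of it."""
    with open(os.path.join(base, name)) as fh:
        return fh.read()


def resolve_inside(base, name):
    """Return the canonical target path if it lies inside base, else None.
    realpath() collapses '..' and follows symlinks before the comparison, so
    the decision is made on the path the OS will actually open. An absolute
    name replaces base in os.path.join, which the same check also rejects."""
    base_real = os.path.realpath(base)
    target = os.path.realpath(os.path.join(base_real, name))
    try:
        inside = os.path.commonpath([base_real, target]) == base_real
    except ValueError:  # paths on different drives/roots (Windows)
        inside = False
    return target if inside else None


def read_file_hardened(base, name):
    """Same handler with the containment check applied before open()."""
    target = resolve_inside(base, name)
    if target is None:
        raise PermissionError(f"refusing path outside base directory: {name!r}")
    with open(target) as fh:
        return fh.read()


if __name__ == "__main__":
    base = make_sandbox()
    print("vulnerable:", read_file_vulnerable(base, "../secret.txt"))
    print("hardened:", read_file_hardened(base, "status.txt"))
    try:
        read_file_hardened(base, "../secret.txt")
    except PermissionError as exc:
        print("hardened blocked:", exc)
```

The check compares canonical paths rather than scanning the input for `..`, so encoded, doubled, or symlink-based variants are handled by the same single comparison; string-filtering the parameter is the weaker approach because each bypass encoding needs its own rule.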
### Impact Assessment
#### Who Is at Risk?
Organizations using ABB CoreSense HM or CoreSense M10 in the following sectors are particularly vulnerable:
- Food and Agriculture: Industrial monitoring and control systems.
- Commercial Facilities: Building automation and energy management.
- Critical Manufacturing: Production line monitoring and safety systems.
#### Potential Consequences
- Data Breaches: Exposure of confidential operational data.
- Operational Disruption: Unauthorized access could lead to system downtime or manipulation.
- Regulatory Non-Compliance: Failure to patch may result in violations of industry security standards.
### Attack Vector
Exploitation requires local network access to the affected system. Attackers could:
1. Gain access to the local network via compromised devices or misconfigured firewalls.
2. Exploit the path traversal flaw to navigate restricted directories.
3. Extract or manipulate sensitive data, leading to further compromise.
### Mitigation Steps
ABB has released patches to address this vulnerability. Organizations should:
1. Apply Updates Immediately:
   - Upgrade to CoreSense™ HM v2.3.4 or later.
   - Upgrade to CoreSense™ M10 v1.4.1.31 or later.
2. Restrict Local Access:
   - Limit access to the host machine to authorized personnel only.
   - Implement strict input validation and path sanitization.
3. Follow CISA Recommendations:
   - Isolate control system networks from business networks.
   - Use VPNs for remote access and ensure they are up-to-date.
   - Monitor for suspicious activity and report incidents to CISA.
For detailed guidance, refer to ABB’s security advisory and CISA’s recommended practices.
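One concrete form of the "monitor for suspicious activity" step, as an added example that is not from ABB or CISA: a small detector run over web-server access logs that flags requests whose decoded target contains a `..` path segment, including URL-encoded and double-encoded forms. The log lines, client addresses, the `/app/status` endpoint and the `file` query parameter are constructed placeholders for this example, not real CoreSense paths; the response status is kept in each hit because a 200 on a traversal attempt is the case worth triaging first.

```python
import re
from urllib.parse import unquote

# Constructed access-log lines in Common Log Format (placeholders only; the
# endpoint and parameter names are not real CoreSense paths).
SAMPLE_LOG = """\
10.0.0.5 - - [02/Oct/2024:10:00:01 +0000] "GET /app/status?file=status.txt HTTP/1.1" 200 512
10.0.0.7 - - [02/Oct/2024:10:00:02 +0000] "GET /app/status?file=../../etc/passwd HTTP/1.1" 200 2048
10.0.0.7 - - [02/Oct/2024:10:00:03 +0000] "GET /app/status?file=..%2F..%2Fetc%2Fshadow HTTP/1.1" 403 0
10.0.0.7 - - [02/Oct/2024:10:00:04 +0000] "GET /app/status?file=%252e%252e%252fconfig HTTP/1.1" 200 300
10.0.0.9 - - [02/Oct/2024:10:00:05 +0000] "GET /app/index.html HTTP/1.1" 200 1024
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# A '..' segment followed by a separator or the end of the string.
DOTDOT_RE = re.compile(r"\.\.(?:/|$)")


def fully_decode(value, max_rounds=3):
    """Percent-decode until the string stops changing (bounded), so that
    double-encoded input such as %252e%252e%252f is seen as '../'."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_traversal_attempts(log_text):
    """Return one record per request whose decoded target contains a '..'
    segment. Backslashes are folded to '/' so Windows-style separators are
    caught by the same pattern."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        decoded = fully_decode(m["target"]).replace("\\", "/")
        if DOTDOT_RE.search(decoded):
            hits.append({
                "ip": m["ip"],
                "ts": m["ts"],
                "status": int(m["status"]),
                "raw": m["target"],
                "decoded": decoded,
                "likely_success": m["status"] == "200",
            })
    return hits


def by_source(hits):
    """Count flagged requests per client address for prioritising follow-up."""
    counts = {}
    for hit in hits:
        counts[hit["ip"]] = counts.get(hit["ip"], 0) + 1
    return counts


if __name__ == "__main__":
    found = find_traversal_attempts(SAMPLE_LOG)
    for hit in found:
        flag = "SUCCESS?" if hit["likely_success"] else "blocked"
        print(f"{hit['ts']} {hit['ip']} {hit['status']} {flag} {hit['decoded']}")
    print("per source:", by_source(found))
```

Run against the constructed sample, the detector flags the three requests from `10.0.0.7` and leaves the two benign ones alone; on a real deployment the same function would be fed the web server's access log, and hits with a 200 status from addresses that should not have local access to the host are the ones to escalate.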
## Conclusion
The CVE-2025-3465 path traversal vulnerability in ABB CoreSense HM and M10 highlights the growing risks to industrial control systems. While the flaw requires local access for exploitation, its potential impact on critical infrastructure cannot be underestimated. Organizations must patch affected systems immediately, restrict access, and follow best practices to mitigate risks. Proactive cybersecurity measures are essential to safeguarding industrial environments from evolving threats.
## References
[^1]: ABB. "Security Advisory: CoreSense HM and M10 Path Traversal Vulnerability". Retrieved 2024-10-02.
[^2]: CISA. "ICS Advisory (ICSA-26-139-01): ABB CoreSense HM and M10". Retrieved 2024-10-02.
[^3]: MITRE. "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')". Retrieved 2024-10-02.