CVE-2023-0425

Name: CVE-2023-0425
Creator: NVD / NIST
Published: 2023-08-07T06:15:10.09+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.5/10EPSS 0.40%

Last modified Jun 17, 2026

CVE-2023-0425 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. ABB is aware of vulnerabilities in the product versions listed below. An update is available that resolves the reported vulnerabilities in the product versions under maintenance. An attacker who successfully exploited one or more of these vulnerabilities could cause the product to stop or make the product inaccessible. Numeric Range Comparison Without Minimum Check vulnerability in ABB Freelance controllers AC 700F (Controller modules), ABB Freelance controllers AC 900F (controller modules).This issue affects: Freelance controllers AC 700F: from 9.0;0 through V9.2 SP2, through Freelance 2013, through Freelance 2013SP1, through Freelance 2016, through Freelance 2016SP1, through Freelance 2019, through Freelance 2019 SP1, through Freelance 2019 SP1 FP1; Freelance controllers AC 900F: Freelance 2013, through Freelance 2013SP1, through Freelance 2016, through Freelance 2016SP1, through Freelance 2019, through Freelance 2019 SP1, through Freelance 2019 SP1 FP1. . EPSS estimates a 0.40% chance of exploitation in the next 30 days.

Description

ABB is aware of vulnerabilities in the product versions listed below. An update is available that resolves the reported vulnerabilities in the product versions under maintenance. An attacker who successfully exploited one or more of these vulnerabilities could cause the product to stop or make the product inaccessible. Numeric Range Comparison Without Minimum Check vulnerability in ABB Freelance controllers AC 700F (Controller modules), ABB Freelance controllers AC 900F (controller modules).This issue affects: Freelance controllers AC 700F: from 9.0;0 through V9.2 SP2, through Freelance 2013, through Freelance 2013SP1, through Freelance 2016, through Freelance 2016SP1, through Freelance 2019, through Freelance 2019 SP1, through Freelance 2019 SP1 FP1; Freelance controllers AC 900F: Freelance 2013, through Freelance 2013SP1, through Freelance 2016, through Freelance 2016SP1, through Freelance 2019, through Freelance 2019 SP1, through Freelance 2019 SP1 FP1.

Metrics

CVSS 3.1

7.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Probability

0.40%

31.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-839

Affected Software

Vendor	Product	Versions
Abb	Ac700f Firmware	>= 9.0.0, < 9.2.0
Abb	Ac700f Firmware	9.2.0
Abb	Freelance 2013	All versions
Abb	Freelance 2016	All versions
Abb	Freelance 2019	All versions

References

Timeline

Published: Aug 7, 2023
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2023-0425?

How severe is CVE-2023-0425?

CVE-2023-0425 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 0.40% probability of exploitation in the next 30 days.

How do I fix CVE-2023-0425?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-0425?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST