CVE Field Guide
About Us
CVE-2025-14774
PUBLISHED
Communication analysis between the Card Reader and TP2CardReaderService daemon
Assigner:
ABB
Reserved:
16.12.2025
Published:
03.06.2026
Updated:
03.06.2026
Incorrect Authorization vulnerability in ABB T-MAC Plus.
This issue affects T-MAC Plus: 4.0-24.
Metrics
CVSS 3.1
CVSS 4.0
CVSS Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CVSS Score:
7.4
CVSS score
7.4
Attack Vector
Adjacent Network
Scope
Changed
Attack Complexity
Low
Confidentiality Impact
None
Privileges Required
None
Integrity Impact
None
User Interaction
None
Availability Impact
High
CVSS 3.1
CVSS Vector:
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H
CVSS Score:
7.2
CVSS score
7.2
Exploitability Metrics
Vulnerable System Impact Metrics
Subsequent System Impact Metrics
Attack Vector
Adjacent
Confidentiality
None
Confidentiality
None
Attack Complexity
Low
Integrity
High
Integrity
High
Attack Requirements
Present
Availability
High
Availability
High
Privileges Required
None
User Interaction
None
CVSS 4.0
Product Status
Vendor
ABB
Product
T-MAC Plus
Versions
Default:
unaffected
Version 4.0-24 is affected
References
https://search.abb.com/library/Download.aspx?DocumentID=9AKK108472A7840&LanguageCode=en&DocumentPartId=&Action=Launch
Problem Types
CWE-863 Incorrect Authorization
CWE