Vulnerability intelligence
CVE-2025-3450
An Improper Resource Locking vulnerability in the SDM component of B&R Automation Runtime versions before 6.3 and before Q4.93 may allow an unauthenticated network-based attacker to delete data causing denial of service conditions.
CVSS Score
10
Critical
EPSS — Exploit Probability
0.1%
Riskier than 19% of all CVEs
Exploitation
Not in CISA KEV
No federal exploitation record
Remediation
unknown
Check vendor advisories
1 article across 1 outlet · first covered May 26, 2026 · latest May 26, 2026
Coverage timeline
-
ABB B&R Automation SDM Flaw CVE-2025-3450 Allows Remote DoSwww.cisa.gov · May 26, 2026