An authorization bypass vulnerability in the ABB T-MAC Plus system allows unauthorized users to gain elevated access, potentially leading to unauthorized control of industrial processes.

The vulnerability stems from the system's reliance on user-controlled keys for authorization decisions. An attacker can manipulate these keys to bypass authentication or authorization checks, gaining access to restricted functions or data without proper credentials.

With a CVSS score of 8.8, this vulnerability poses a severe threat to operational technology (OT) environments. Successful exploitation could lead to unauthorized modification of industrial process parameters, system instability, or the bypass of critical safety controls, potentially resulting in operational downtime or physical safety incidents.

Immediate Action: Apply the vendor-provided security update or patch to the T-MAC Plus system to correct the authorization logic.

Proactive Monitoring: Monitor access control logs for unusual activity, specifically for users attempting to access modules or settings outside of their assigned permissions.

Compensating Controls: Implement strict network segmentation to isolate the T-MAC Plus system from untrusted networks and enforce multi-factor authentication (MFA) where supported.

Public Exploit Available: false

Given the critical nature of industrial control systems, this authorization bypass must be addressed as a top priority. Administrators should apply the necessary patches and review all access control configurations to ensure that only authorized personnel have access to sensitive system functions.