ABB Freelance Security Lock
View CSAF Summary Successful exploitation of this vulnerability could allow access to underlying OS functions even when Freelance Operations is active, depending on system configuration and user permissions. The following versions of ABB Freelance Security Lock are affected: ABB System Version (<=Freelance 2013) installed with ABB Freelance Security Lock(All versions) vers:all/* ABB System Version (Freelance 2013 SP1) installed with ABB Freelance Security Lock(All versions) vers:all/* ABB System Version (Freelance 2016) installed with ABB Freelance Security Lock(All versions) vers:all/* ABB System Version (Freelance 2016 SP1) installed with ABB Freelance Security Lock(All versions) vers:all/* ABB System Version (Freelance 2019) installed with ABB Freelance Security Lock(All versions) vers:all/* ABB System Version (Freelance 2019 SP1) installed with ABB Freelance Security Lock(All versions) vers:all/* ABB System Version (Freelance 2019 SP1 FP1) installed with ABB Freelance Security Lock(All versions) vers:all/* ABB System Version (Freelance 2024) installed with ABB Freelance Security Lock(All versions) vers:all/* CVSS Vendor Equipment Vulnerabilities v3 6.6 ABB ABB Freelance Security Lock Authentication Bypass by Primary Weakness Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: Switzerland Vulnerabilities Expand All + CVE-2025-7064 An attacker is able to attack Freelance user management when Security Lock is enabled. The precondition is that the attacker bypasses Freelance Operations which blocks access to the Windows operating system. This bypass can be achieved via undocumented or special key combinations available on modern keyboards. These combinations may allow access to underlying OS functions even when Freelance Operations is active, depending on system configuration and user permissions. View CVE Details Affected Products ABB Freelance Security Lock Vendor: ABB Product Ver
CSIRTS triage
- What
- Exploitation could allow access to underlying OS functions despite active security measures.
- Who is affected
- Users of ABB Freelance Security Lock across specified versions.
- Urgency
- Remediation is critical due to the potential for unauthorized access.
- Action
- Update to the latest versions of ABB Freelance Security Lock.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch Freelance Security Lock
Get an email when a new Freelance Security Lock advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://www.cisa.gov/news-events/ics-advisories/icsa-26-174-05
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2025-70640.12% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2025-7064 | coverage & exploitation status | NVD · CVE.org |
More from CISA Cybersecurity Advisories
- highCISA Adds Two Known Exploited Vulnerabilities to Catalog2026-07-10
- criticalSchneider Electric PowerChute Serial Shutdown2026-07-09
- criticalOpenPLC v32026-07-09
- criticalSchneider Electric Easergy MiCOM Px40 Series2026-07-09
- highCISA Adds One Known Exploited Vulnerability to Catalog2026-07-07