CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2025-7064

criticalcovered by 1 sourcefirst seen 2026-06-23
View CSAF Summary Successful exploitation of this vulnerability could allow access to underlying OS functions even when Freelance Operations is active, depending on system configuration and user permissions. The following versions of ABB Freelance Security Lock are affected: ABB System Version (<=Freelance 2013) installed with ABB Freelance Security Lock(All versions) vers:all/* ABB System Version (Freelance 2013 SP1) installed with ABB Freelance Security Lock(All versions) vers:all/* ABB System Version (Freelance 2016) installed with ABB Freelance Security Lock(All versions) vers:all/* ABB System Version (Freelance 2016 SP1) installed with ABB Freelance Security Lock(All versions) vers:all/* ABB System Version (Freelance 2019) installed with ABB Freelance Security Lock(All versions) vers:all/* ABB System Version (Freelance 2019 SP1) installed with ABB Freelance Security Lock(All versions) vers:all/* ABB System Version (Freelance 2019 SP1 FP1) installed with ABB Freelance Security Lock(All versions) vers:all/* ABB System Version (Freelance 2024) installed with ABB Freelance Security Lock(All versions) vers:all/* CVSS Vendor Equipment Vulnerabilities v3 6.6 ABB ABB Freelance Security Lock Authentication Bypass by Primary Weakness Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: Switzerland Vulnerabilities Expand All + CVE-2025-7064 An attacker is able to attack Freelance user management when Security Lock is enabled. The precondition is that the attacker bypasses Freelance Operations which blocks access to the Windows operating system. This bypass can be achieved via undocumented or special key combinations available on modern keyboards. These combinations may allow access to underlying OS functions even when Freelance Operations is active, depending on system configuration and user permissions. View CVE Details Affected Products ABB Freelance Security Lock Vendor: ABB Product Ver

CSIRTS triage

vendor: ABBproduct: Freelance Security LockPrivilege escalationaffected: ABB System Version (<=Freelance 2013), Freelance 2013 SP1, Freelance 2016, Freelance 2016 SP1, Freelance 2019, Freelance 2019 SP1
What
Exploitation could allow access to underlying OS functions despite active security measures.
Who is affected
Users of ABB Freelance Security Lock across specified versions.
Urgency
Remediation is critical due to the potential for unauthorized access.
Action
Update to the latest versions of ABB Freelance Security Lock.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2025-7064

Get an email if CVE-2025-7064 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2025-7064

CVE.org record

Embed the live status

CVE-2025-7064 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2025-7064 status](https://www.csirts.com/badge/CVE-2025-7064)](https://www.csirts.com/cve/CVE-2025-7064)