Preface: The default configuration of the ABB RMC-100’s REST interface is disabled. ABB recommends leaving the REST interface disabled when not in use, particularly when configuring MQTT functionality. The RMC-100 is not intended for access over public networks.
Background: The ABB RMC-100 is a popular and widely used remote modular controller, particularly within the oil and gas industry. It is known for its scalability and ability to manage automation, liquids and gas measurement, and asset data concentration for various facility sizes, from large production and transmission facilities to smaller systems. The RMC-100 is part of ABB’s Totalflow portfolio, which has seen over 430,000 units sold since the 1980s.
Service available in some Totalflow devices like the RMC-100. When enabled, the device REST server capabilities are enabled. The device then can be accessed by a REST client such as a web browser. The access is for the configuration of the MQTT parameters.
Uses HTTP methods (protocol) to access resources on a REST server. For example, the web browser which accesses the MQTT configuration interface on the RMC-100.
Vulnerability details: Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and user/password broker authentication is enabled, and CVE-2025-6074 is exploited, the attacker can overflow the buffer for username or password.
Affected Products: This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016.
Official announcement: Please see the link for details –