CISA flags ABB Freelance Security Lock bypass
The 6.6 score undersells the problem: the affected control-system lock is the thing meant to keep operators out of Windows.
TL;DR
CISA issued ICSA-26-174-05 for CVE-2025-7064, an authentication bypass in ABB Freelance Security Lock affecting all versions installed with Freelance 2013 through 2024. The flaw lets an attacker use undocumented or special keyboard combinations to reach underlying OS functions, depending on configuration and permissions. Contractors, MSPs and defense-industrial-base operators supporting critical manufacturing should treat the local-only rating as a control-layer exposure, not as a medium-severity line item to file and forget.
CISA’s advisory is narrow in exploit mechanics and broad in operational discomfort. CVE-2025-7064 is not remotely exploitable, and CISA says it has no reports of known public exploitation. But the affected component is ABB Freelance Security Lock, the feature meant to keep users inside Freelance Operations and away from the Windows operating system. When special keyboard combinations can defeat that boundary, the CVSS 3.1 score of 6.6 stops being the whole story.
The affected set is wide: all versions of ABB Freelance Security Lock installed with ABB System Versions Freelance 2013, 2013 SP1, 2016, 2016 SP1, 2019, 2019 SP1, 2019 SP1 FP1 and 2024. CISA lists the sector as Critical Manufacturing and deployment as worldwide. For defense-industrial-base operators, contractors and MSPs supporting those environments, this is the familiar ICS problem of a local vulnerability sitting very close to process control and safety consequences.
The remediation text is thinner than the risk statement. CISA points users to ABB PSIRT advisory 7PAA020361 and gives the standard industrial-control guidance: reduce network exposure, keep control systems off the internet, isolate control networks from business networks, use secure remote-access methods when required, and perform impact analysis before defensive changes. It does not give a clean patch timeline in the advisory text. Monday’s work is therefore inventory first: identify Freelance Security Lock deployments, confirm whether keyboard paths to OS functions are blocked under the actual workstation configuration, restrict physical and remote-console access, and track ABB’s PSIRT guidance for a firmer fix.
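The inventory step above can be scripted on each Freelance workstation. The following PowerShell is an added example, not ABB's or CISA's tooling; it assumes the Freelance components register under the standard Windows Uninstall registry keys with "Freelance" in DisplayName, and the release-label matching is a heuristic, so review the raw output rather than trusting the Scope column alone.

```powershell
# Added inventory helper (not ABB's or CISA's code). Assumption: ABB Freelance
# components appear under the standard Uninstall keys with "Freelance" in
# DisplayName. Verify the raw rows; the Scope column is only a heuristic.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# System versions named in ICSA-26-174-05 as shipping the affected Security Lock,
# ordered least to most specific so the last match is the most specific label.
$affectedSystemVersions = @('2013', '2013 SP1', '2016', '2016 SP1',
                            '2019', '2019 SP1', '2019 SP1 FP1', '2024')

function Get-FreelanceInventory {
    Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like '*Freelance*' } |
        ForEach-Object {
            $app  = $_
            $text = "$($app.DisplayName) $($app.DisplayVersion)"
            # Keep the most specific release label found in the name or version.
            $match = $affectedSystemVersions |
                Where-Object { $text -like "*$_*" } |
                Select-Object -Last 1
            [pscustomobject]@{
                ComputerName   = $env:COMPUTERNAME
                DisplayName    = $app.DisplayName
                DisplayVersion = $app.DisplayVersion
                InstallDate    = $app.InstallDate
                Scope          = if ($match) { "Affected (Freelance $match)" }
                                 else        { 'Review manually' }
            }
        }
}

# Local run; for a fleet, wrap in Invoke-Command against the OT workstation list
# and export the objects to CSV for the tracking sheet.
Get-FreelanceInventory | Format-Table -AutoSize
```

A row with Scope "Review manually" still needs a human check against ABB PSIRT advisory 7PAA020361, since an install may carry a name the heuristic does not recognise.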
Published · Deep Fathom