CVE-2025-14510 in ABB Ability OPTIMAX allows full authentication bypass when Azure Active Directory SSO is enabled, with no fix available for version 6.1 or 6.2 - part of a six-advisory ABB batch published 30 April 2026 affecting EU water and energy operators.
CVE-2025-14510 enables complete authentication bypass in ABB OPTIMAX systems using Azure AD integration, demonstrating cloud identity risks in OT environments.
Six European water utilities disclosed ransomware between January and mid-April 2026, against three in the same period of 2025. The doubling reflects three distinct criminal ecosystems pivoting toward critical infrastructure with operational impact pricing in their negotiation logic.