[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"branding":3,"analytics":7,"article-abb-busch-welcome-door-actuator-vulnerable-to-authentication-bypass":10},{"siteName":4,"siteTagline":5,"publisherName":4,"contactEmail":6},"The Revision","Tech news, decoded.","editor@therevision.news",{"gaMeasurementId":8,"adsenseClientId":9},"G-ZW2MV82GYR","ca-pub-8533917693782264",{"article":11},{"id":12,"slug":13,"title":14,"dek":15,"body_md":16,"tags_json":17,"published_at":18,"created_at":19,"updated_at":20,"status":21,"review_note":22,"review_notes":23,"image_url":34,"persona_id":22,"persona_name":22,"section":22,"tags":35,"sources":39,"feedback":43,"feedback_at":22,"cost_usd":43,"total_tokens":43},1012,"abb-busch-welcome-door-actuator-vulnerable-to-authentication-bypass","ABB Busch-Welcome door actuator vulnerable to authentication bypass","A default compatibility mode lets attackers bypass authentication and gain physical entry, and ABB advises a simple mode toggle and power reset to fix it.","- ABB's Busch-Welcome 2‑wire door opener actuator contains a flaw that lets an attacker skip authentication when the device runs in its default compatibility mode.\n\nThe vulnerability, tracked as CVE‑2025‑7705, affects all versions of the Switch Actuator 4 DU and the door\u002Flight variant. Exploiting it requires only physical proximity to the control panel, after which the attacker can open doors or lights at will. ABB recommends toggling the mode switch from “Door‑Open” to “Light” for one second, then back, followed by a full power cycle to force recalibration and remove the unsafe setting.\n\nThe issue matters because the actuators are installed worldwide in commercial facilities, often as part of critical‑infrastructure access control. An unauthenticated breach can translate directly into unauthorized building entry, undermining physical security programs that assume the actuator is a trusted point.\n\nIn short, the fix is a quick on‑site toggle and reboot, but operators should audit all Busch‑Welcome units, apply the steps promptly, and consider network isolation to limit exposure.","[\"ics\",\"vulnerability\",\"access-control\"]","2026-05-28T12:00:00.000Z","2026-06-16T03:55:13.567Z","2026-06-16T03:55:19.211Z","published",null,[24,30],{"id":25,"reviewer":26,"round":27,"reason":28,"status":29},"editor-r1","editor",1,"Add a clear concluding paragraph that summarizes the impact and recommended actions.","resolved",{"id":31,"reviewer":26,"round":32,"reason":33,"status":29},"editor-r2",2,"Add a clear concluding paragraph that summarizes the vulnerability’s impact and the recommended remediation steps.","https:\u002F\u002Fcdn.xyz.onl\u002Farticle-images\u002Fabb-busch-welcome-door-actuator-vulnerable-to-authentication-bypass.webp",[36,37,38],"ics","vulnerability","access-control",[40],{"name":41,"url":42},"CISA Advisories","https:\u002F\u002Fwww.cisa.gov\u002Fnews-events\u002Fics-advisories\u002Ficsa-26-148-04",0]