CVE-2025-20085_CVE-2025-20085

7.2 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Description

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can send an unauthenticated packet to trigger this vulnerability.

Basic Information

ID CVE-2025-20085

Source talos

Published Dec 1, 2025 at 15:25

Modified Dec 1, 2025 at 20:20

Affected Product

Vendor Socomec

Product DIRIS Digiware M-70

Version 1.6.9

Affected Versions Socomec DIRIS Digiware M-70 1.6.9

CWE Classification

CWE-306

References

{
    "lastseen": "",
    "description": "A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can send an unauthenticated packet to trigger this vulnerability.",
    "published": "2025-12-01T15:25:28.257Z",
    "modified": "2025-12-01T20:20:41.234Z",
    "type": "cve",
    "title": "CVE-2025-20085",
    "source": "talos",
    "references": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2138\nhttps://www.socomec.fr/sites/default/files/2025-04/CVE-2025-20085---Diris-Digiware-Webview-_VULNERABILITIES_2025-04-11-17-14-39_English_0.pdf",
    "id": "CVE-2025-20085",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306"
    ],
    "cvelist": null,
    "sourceData": "Socomec DIRIS Digiware M-70 1.6.9",
    "sourceHref": "",
    "cvss": {
        "score": 7.2,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DIRIS Digiware M-70",
    "version": "1.6.9",
    "vendor": "Socomec",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}