CVE-2025-13901 | THREATINT

Description

CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels.

PUBLISHED Reserved 2025-12-02 | Published 2026-03-10 | Updated 2026-03-10 | Assigner schneider

MEDIUM: 6.9CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Problem types

CWE-404 Improper Resource Shutdown or Release

Product status

Default status

unaffected

Versions prior to 5.4.13.12

affected

Default status

unaffected

Versions prior to 5.4.10.12

affected

References

download.schneider-electric.com/...Name=SEVD-2026-069-01.pdf

cve.org (CVE-2025-13901)

nvd.nist.gov (CVE-2025-13901)

Download JSON