CVE-2025-55221 | THREATINT

Description

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This vulnerability is specific to the malicious message sent via Modbus TCP over port 502.

PUBLISHED Reserved 2025-08-11 | Published 2025-12-01 | Updated 2025-12-01 | Assigner talos

HIGH: 8.6CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Problem types

CWE-306: Missing Authentication for Critical Function

Product status

1.6.9

affected

Credits

Discovered by Kelly Patterson of Cisco Talos.

References

talosintelligence.com/vulnerability_reports/TALOS-2025-2251

cve.org (CVE-2025-55221)

nvd.nist.gov (CVE-2025-55221)

Download JSON