Vulnerability Details CVE-2025-54851
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.An attacker can trigger this denial-of-service condition by sending a single Modbus TCP message to port 503 using the Write Single Register function code (6) to write the value 1 to register 4352. This action changes the Modbus address to 15. After this message is sent, the device will be in a denial-of-service state.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.1%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2025-54851
-
cpe:2.3:h:socomec:diris_m-70:-
-
cpe:2.3:o:socomec:diris_m-70_firmware:1.6.9