Denial of Service Vulnerability in Socomec DIRIS Digiware M-70
CVE-2025-23417

8.6HIGH

Key Information:

Vendor: Socomec
Status: Diris Digiware M-70
Vendor: CVE Published:; 1 December 2025

What is CVE-2025-23417?

A vulnerability exists in the Modbus RTU over TCP functionality of the Socomec DIRIS Digiware M-70 (version 1.6.9), allowing an attacker to exploit it by sending specially crafted network packets. This can lead to a denial of service condition, rendering the device unresponsive. It is critical for users to ensure that their systems are safeguarded against such unauthorized network activity to maintain operational integrity.

Affected Version(s)

DIRIS Digiware M-70 1.6.9

References

https://talosintelligence.com/vulnerability_reports/TALOS...

https://www.socomec.fr/sites/default/files/2025-04/CVE-20...

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 1, 2025
Vulnerability Reserved
Jan 22, 2025

Credit

Discovered by Kelly Patterson of Cisco Talos.

JSON