Buffer Overflow Vulnerability in FutureNet AS and FA Series by Century Systems
CVE-2025-25280

5.3MEDIUM

What is CVE-2025-25280?

A buffer overflow vulnerability has been identified in Century Systems Co., Ltd.'s FutureNet AS series industrial routers and FA series protocol conversion machines. This vulnerability allows a remote unauthenticated attacker to potentially reboot the affected devices by sending specially crafted requests, which may disrupt service and lead to unauthorized device behavior.

Affected Version(s)

FutureNet AS-210/U4 firmware Version 2.6.6 and earlier

FutureNet AS-250/F-KO firmware Version 1.14.0 and earlier

FutureNet AS-250/F-SC firmware Version 1.14.0 and earlier

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.