Data Transmission Vulnerability in DuraComm SPM-500
CVE-2025-53703

8.7HIGH

Key Information:

Vendor: Duracomm Corporation
Status: Spm-500 Dp-10in-100-mu
Vendor: CVE Published:; 22 July 2025

🔔 Create Duracomm Corporation Vulnerability Alert

What is CVE-2025-53703?

The DuraComm SPM-500 device is susceptible to a vulnerability that allows for the transmission of sensitive data without encryption, enabling potential interception by malicious actors. This oversight poses a significant threat to data integrity and confidentiality, particularly in environments where secure communication is critical. Users of the SPM-500 DP-10iN-100-MU version should take immediate steps to assess their security posture and implement measures to ensure that sensitive data is adequately protected during transmission.

Affected Version(s)

SPM-500 DP-10iN-100-MU 0

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-2...

https://duracomm.com/contact-us/

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 22, 2025
Vulnerability Reserved
Jul 15, 2025

Credit

Brandon Vincent of Arizona Public Service reported these vulnerabilities to CISA.