Denial of Service Vulnerability in Socomec DIRIS Digiware M-70
CVE-2025-54851

7.5HIGH

Key Information:

Vendor: Socomec
Status: Diris Digiware M-70
Vendor: CVE Published:; 1 December 2025

What is CVE-2025-54851?

A denial of service vulnerability has been identified in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 version 1.6.9. This vulnerability can be exploited by sending a specific sequence of unauthenticated Modbus TCP packets to port 503. By using the Write Single Register function code (6) to set the value of register 4352 to 1, an attacker can modify the Modbus address, resulting in a service disruption that forces the device into a denial-of-service state.

Affected Version(s)

DIRIS Digiware M-70 1.6.9

References

https://talosintelligence.com/vulnerability_reports/TALOS...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 1, 2025
Vulnerability Reserved
Jul 31, 2025

Credit

Discovered by Kelly Patterson of Cisco Talos.

JSON