Denial of Service Vulnerability in Socomec DIRIS Digiware M-70
CVE-2025-55221

8.6HIGH

Key Information:

Vendor: Socomec
Status: Diris Digiware M-70
Vendor: CVE Published:; 1 December 2025

What is CVE-2025-55221?

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Functionality of the Socomec DIRIS Digiware M-70 version 1.6.9. This vulnerability arises when a specially crafted network packet is sent to the device, potentially causing a disruption in its services. An attacker can exploit this flaw by sending an unauthenticated packet over Modbus TCP, specifically on port 502, which could lead to a service outage for the affected device. Protecting against this vulnerability requires monitoring network traffic and implementing robust firewall rules.

Affected Version(s)

DIRIS Digiware M-70 1.6.9

References

https://talosintelligence.com/vulnerability_reports/TALOS...

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 1, 2025
Vulnerability Reserved
Aug 11, 2025

Credit

Discovered by Kelly Patterson of Cisco Talos.

JSON