Denial of Service Vulnerability in DIRIS Digiware M-70 by Socomec
CVE-2025-55222

8.6HIGH

Key Information:

Vendor: Socomec
Status: Diris Digiware M-70
Vendor: CVE Published:; 1 December 2025

What is CVE-2025-55222?

A significant vulnerability has been identified in the Modbus TCP and Modbus RTU functionalities of Socomec's DIRIS Digiware M-70 device. This flaw allows an attacker to exploit the system by sending a specially crafted network packet, which can result in a denial of service. The attack leverages Modbus RTU protocol over TCP on port 503, and it can be initiated without authentication. It is crucial for users of the affected version 1.6.9 to be aware of this vulnerability in order to implement necessary security measures.

Affected Version(s)

DIRIS Digiware M-70 1.6.9

References

https://talosintelligence.com/vulnerability_reports/TALOS...

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 1, 2025
Vulnerability Reserved
Aug 11, 2025

Credit

Discovered by Kelly Patterson of Cisco Talos.

JSON