Auma · Auma Mec 03.01 · CVE-2025-3496
**Name of the Vulnerable Software and Affected Versions**
Auma AC1.2 versions 06.00.00 through 06.09.04
Auma MEC 03.01 versions prior to 01.02.00
Auma PROFOX versions prior to 01-01.10.00
Auma SGx/SVx versions 03.00.00 through 03.05.01
Auma TIGRON versions prior to 01-01.09.00
Auma TIGRON SIL versions prior to 02-01.01.00
**Description**
An unauthenticated remote attacker can cause a buffer overflow via the Bluetooth or RS-232 interface, potentially leading to unexpected behavior or Denial of Service (DoS). The issue is a buffer copy performed without checking the size of the input, also known as a 'Classic Buffer Overflow'.
**Recommendations**
For Auma AC1.2 versions 06.00.00 through 06.09.04, update to a version later than 06.09.04.
For Auma MEC 03.01 versions prior to 01.02.00, update to version 01.02.00 or later.
For Auma PROFOX versions prior to 01-01.10.00, update to version 01-01.10.00 or later.
For Auma SGx/SVx versions 03.00.00 through 03.05.01, update to a version later than 03.05.01.
For Auma TIGRON versions prior to 01-01.09.00, update to version 01-01.09.00 or later.
For Auma TIGRON SIL versions prior to 02-01.01.00, update to version 02-01.01.00 or later.
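
A triage check over a device inventory using the version ranges listed above; this is an added example, not Auma's or the advisory's own code. The inventory entries and function names are constructed, and requiring the digits before the hyphen (as in `01-01.10.00`) to match exactly before comparing is an assumption about the version scheme.

```python
# Ranges transcribed from the advisory: (lowest, highest, highest_is_affected); lowest=None means "all prior".
AFFECTED = {
    "AC1.2":      ("06.00.00", "06.09.04", True),
    "MEC 03.01":  (None, "01.02.00", False),
    "PROFOX":     (None, "01-01.10.00", False),
    "SGx/SVx":    ("03.00.00", "03.05.01", True),
    "TIGRON":     (None, "01-01.09.00", False),
    "TIGRON SIL": (None, "02-01.01.00", False),
}

def parse_version(text):
    """Return (prefix, numeric fields); '01-01.10.00' -> ('01', (1, 10, 0))."""
    prefix, _, dotted = text.strip().rpartition("-")
    fields = dotted.split(".")
    if not all(f.isdigit() for f in fields):
        raise ValueError(f"unrecognised version: {text!r}")
    return prefix, tuple(int(f) for f in fields)

def is_affected(product, version):
    """Return 'affected', 'not listed', or 'review' (needs a manual check)."""
    if product not in AFFECTED:
        return "review"
    lowest, highest, inclusive = AFFECTED[product]
    try:
        prefix, fields = parse_version(version)
    except ValueError:
        return "review"
    hi_prefix, hi_fields = parse_version(highest)
    # Assumption: only compare when the prefix before '-' and the field count match the advisory's.
    if prefix != hi_prefix or len(fields) != len(hi_fields):
        return "review"
    if lowest is not None and fields < parse_version(lowest)[1]:
        return "not listed"
    above = fields > hi_fields if inclusive else fields >= hi_fields
    return "not listed" if above else "affected"

# Constructed sample inventory (asset tag, product, firmware version); not real devices.
INVENTORY = [
    ("valve-01", "AC1.2", "06.09.04"),
    ("valve-02", "PROFOX", "01-01.10.00"),
    ("valve-03", "TIGRON SIL", "01-01.00.00"),
]

def triage(inventory):
    return [(tag, is_affected(product, version)) for tag, product, version in inventory]

if __name__ == "__main__":
    print(*triage(INVENTORY), sep="\n")
```

A `review` result means the product is not in the advisory or the version string does not fit the listed scheme, so the device should be checked by hand rather than assumed safe.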