CVE-2025-24510

Name of the Vulnerable Software and Affected Versions: MS/TP Point Pickup Module (All versions)

Description: A vulnerability has been identified where affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the same BACnet network to send a specially crafted MSTP message that results in a denial of service condition of the targeted device. A power cycle is required to restore the device's normal operation.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.