CVE-2025-54850

Name of the Vulnerable Software and Affected Versions Socomec DIRIS Digiware M-70 version 1.6.9

Description A denial of service condition can occur in the Modbus TCP and Modbus RTU over TCP functionality. An attacker can trigger this by sending a sequence of unauthenticated network packets. Specifically, the attack involves sending a series of Modbus RTU over TCP messages to port 503, utilizing the Write Single Register function code (6). The sequence starts with a message to register 58112 with a value of 1000, followed by a message to register 29440 with a value representing a new Modbus address. The attack concludes with a message to register 57856 with a value of 161, committing a configuration change that results in a denial-of-service state.

Recommendations Versions prior to 1.6.9 are not affected. Update Socomec DIRIS Digiware M-70 to a newer version to address this issue.