82 matches found
CVE-2024-48894
A cleartext transmission vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability...
CVE-2024-48894
CVE-2024-48894 affects Socomec DIRIS Digiware M-70 gateway (version 1.6.9). Talos reports a cleartext transmission in the WEBVIEW-M webserver, allowing an attacker on the same network to sniff traffic and potentially disclose credentials or configuration data due to lack of encryption. The issue ...
EUVD-2024-55106
A cleartext transmission vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability...
CVE-2024-53684
A cross-site request forgery csrf vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to unauthorized access. An attacker can stage a malicious webpage to trigger this vulnerability...
CVE-2024-53684
CVE-2024-53684 affects Socomec DIRIS Digiware M-70, specifically the WEBVIEW-M webserver in version 1.6.9. TALOS details a cross-site request forgery (CSRF) where a malicious page can trigger unauthorized access even when a user is authenticated, due to WEBVIEW-M not properly handling requests wi...
CVE-2024-49572
Talos reports CVE-2024-49572 as a denial-of-service in the Modbus TCP service of Socomec DIRIS Digiware M-70 (v1.6.9). An unauthenticated attacker can send a crafted Modbus TCP packet to trigger a factory-reset sequence that restores WEBVIEW-M credentials to default, enabling potential privilege ...
CVE-2024-49572
A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can send an...
CVE-2024-49572
A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can send an...
EUVD-2024-55110
A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability...
CVE-2025-20085
A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can...
EUVD-2025-200029
A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability...
EUVD-2025-200030
A buffer overflow vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted set of network packets can lead to denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability...
CVE-2025-26858
A buffer overflow vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted set of network packets can lead to denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability...
CVE-2025-54851
The CVE-2025-54851 issue affects Socomec DIRIS Digiware M-70 v1.6.9, where unauthenticated Modbus TCP/RTU over TCP requests can trigger a denial-of-service. Talos details show an attacker can send a single Modbus TCP message to port 503 using Write Single Register (code 6) to set register 4352 to...
EUVD-2025-200031
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...
CVE-2025-54849
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...
CVE-2025-54851
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...
CVE-2025-54849
CVE-2025-54849 affects Socomec DIRIS Digiware M-70 gateway (firmware 1.6.9). A DoS exists in Modbus TCP and Modbus RTU over TCP due to unauthenticated access that can be triggered by a crafted Modbus TCP Write Single Register (code 6) message to port 502, writing value 1 to register 4352, which c...
CVE-2025-55222
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This...
CVE-2025-55221
A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This...