CVE-2025-41709 Command injection in power analyzer via Modbus-TCP and Modbus-RTU

An unauthenticated remote attacker can perform a command injection via Modbus-TCP or Modbus-RTU to gain read and write access on the affected device...

CVE-2025-41709 Command injection in power analyzer via Modbus-TCP and Modbus-RTU

An unauthenticated remote attacker can perform a command injection via Modbus-TCP or Modbus-RTU to gain read and write access on the affected device...

Janitza UMG 96RM-E 24V和Janitza UMG 96RM-E 230V 操作系统命令注入漏洞

Both Janitza UMG 96RM-E 24V and Janitza UMG 96RM-E 230V are multi-functional power quality analyzers produced by the German company Janitza. Both models have vulnerabilities related to operating system command injection. These vulnerabilities arise from defects in the power analyzer’s processing ...

CVE-2025-54848

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...

CVE-2025-20085

Talos reports CVE-2025-20085 affecting Socomec DIRIS Digiware M-70 v1.6.9. The Modbus RTU over TCP service can be abused by an unauthenticated actor sending a crafted Modbus message (port 503) to write a value (register 57856) via Write Single Register (function code 6), triggering a denial-of-se...

CVE-2025-23417

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability...