PT-2025-48482

Name of the Vulnerable Software and Affected Versions Socomec DIRIS Digiware M-70 version 1.6.9 Description A denial of service issue exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality. An attacker can send an unauthenticated, specially crafted network packet to trigger a...

PT-2025-48477

Name of the Vulnerable Software and Affected Versions Socomec DIRIS Digiware M-70 version 1.6.9 Description A denial of service condition can occur in the Modbus TCP and Modbus RTU over TCP functionality. An attacker can trigger this by sending a sequence of unauthenticated network packets...

Malicious code in sdm630-modbus-tcp (npm)

The package sdm630-modbus-tcp was found to contain malicious code...

MAL-2025-32859 Malicious code in sdm630-modbus-tcp (npm)

The package sdm630-modbus-tcp was found to contain malicious code...

EG4 Electronics EG4 Inverters 安全漏洞

EG4 Electronics EG4 Inverters is a series of hybrid inverters from EG4 Electronics, USA. A security vulnerability exists in the EG4 Electronics EG4 Inverters that stems from the unencrypted transmission of MOD3 command traffic, which could lead to data interception and tampering...

An Earth-Shattering Kaboom: Bringing a Physical ICS Penetration Testing Environment to Life (Part 1)

Building the Bench This is the first in a three part series on building and using a testing bench for ICS systems. In this series we will build a physical test bench, review program logic to find flaws, perform manual exploitation of commonly used ICS protocols such as Modbus, then develop malwar...

SUSE CVE-2024-38534

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Crafted modbus traffic can lead to unlimited resource accumulation within a flow. Upgrade to 7.0.6. Set a limited stream.reassembly.depth to reduce the issue...

isf

This is a Python-based exploitation framework called ISF Industrial Exploitation Framework that is similar to Metasploit. It is designed for industrial control system ICS exploitation and is used for testing and demonstrating vulnerabilities in ICS devices. The framework is based on the open-sour...

CVE-2025-7745 Modbus TCP buffer overread

Buffer Over-read vulnerability in ABB AC500 V2.This issue affects AC500 V2: through 2.5.2...

CVE-2025-7745

CVE-2025-7745 is a buffer over-read vulnerability in ABB AC500 V2. The issue affects AC500 V2 up to version 2.5.2. Publicly available technical details specify a buffer over-read in ABB AC500 V2, with potential for abnormal behavior. The PT-2025-30638 advisory recommends updating ABB AC500 V2 to ...

ABB AC500 V2

SUMMARY ABB became aware of vulnerabilities in AC500 V2 listed as affected in the advisory. An attacker who successfully exploited this vulnerability could access fragments of Modbus telegrams that have been sent earlier by that PLC 2. MITIGATING FACTORS Mitigating factors describe conditions...

The vulnerability of the Modbus programmable logic controller DELTA AS320T protocol allows a intruder to execute any code they desire.

The vulnerability of the Modbus-programmable logical controller DELTA AS320T lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Modbus programmable logic controller DELTA AS320T protocol allows a intruder to trigger a service failure or execute arbitrary code.

The vulnerability of the Modbus-programmable logical controller DELTA AS320T lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability allows an attacker to cause service failures or execute arbitrary code...

The vulnerability of the Modbus TCP Packet Handler component in the Ethernet module software for WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN allows a hacker to execute arbitrary commands.

The vulnerability of the Modbus TCP Packet Handler component in the Ethernet module software of WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

Cisco Meraki 14 / 15 / 16 < 16.16 DoS (cisco-sa-snort-dos-9D3hJLuj)

The version of the remote Cisco Meraki device is version 14, 15, or 16 prior to 16.16. It is, therefore, potentially affected by a denial of service vulnerability as referenced in the cisco-sa-snort-dos-9D3hJLuj advisory: - A vulnerability in the Modbus preprocessor of the Snort detection engine...

CVE-2025-48466

Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to send Modbus TCP packets to manipulate Digital Outputs, potentially allowing remote control of relay channel which may lead to operational or safety risks...

CVE-2025-48466

Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to send Modbus TCP packets to manipulate Digital Outputs, potentially allowing remote control of relay channel which may lead to operational or safety risks...

CVE-2025-48466

Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to send Modbus TCP packets to manipulate Digital Outputs, potentially allowing remote control of relay channel which may lead to operational or safety risks...

CVE-2025-48467 Denial of Service via Malformed Modbus Packets

Successful exploitation of the vulnerability could allow an attacker to cause repeated reboots, potentially leading to remote denial-of-service and system unavailability...

CVE-2025-48467 Denial of Service via Malformed Modbus Packets

Successful exploitation of the vulnerability could allow an attacker to cause repeated reboots, potentially leading to remote denial-of-service and system unavailability...