Socomec DIRIS A-40 Devices Password Disclosure

Socomec DIRIS A-40 devices before 48250501 are susceptible to a password disclosure vulnerability in the web interface that could allow remote attackers to get full access to a device via the /password.jsn URI. id: CVE-2019-15859 info: name: Socomec DIRIS A-40 Devices Password Disclosure author:...

Socomec socomec DIRIS A-40 访问控制错误漏洞

Socomec DIRIS A-40 is an electrical device designed by the French company Socomec for power metering and monitoring. The Socomec DIRIS A-40 has a vulnerability related to access control, which stems from insufficient authentication in the Web API implementation. This vulnerability could allow...

CVE-2026-2491 Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability

Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw...

Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web API implementation, which listens on TCP po...

PT-2026-22052

Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw...

CVE-2025-23417

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability...

Socomec DIRIS Digiware M series and Easy Config, PDF XChange Editor vulnerabilities

Cisco Talos' Vulnerability Discovery & Research team recently disclosed an out-of-bounds read vulnerability in PDF XChange Editor, and ten vulnerabilities in Socomec DIRIS Digiware M series and Easy Config products. The vulnerabilities mentioned in this blog post have been patched by their...

Socomec DIRIS Digiware M-70 Denial of Service Vulnerability (CNVD-2025-30454)

The Socomec DIRIS Digiware M-70 is a communication gateway device that serves as an access point for the DIRIS Digiware system, which combines 24VDC power and communication functions in a single unit. A denial of service vulnerability exists in the Socomec DIRIS Digiware M-70 that stems from the...

Socomec DIRIS Digiware M-70 Denial of Service Vulnerability (CNVD-2025-30455)

The Socomec DIRIS Digiware M-70 is a communication gateway device that serves as an access point for the DIRIS Digiware system, which combines 24VDC power and communication functions in a single unit. A denial of service vulnerability exists in the Socomec DIRIS Digiware M-70, which stems from th...

Socomec DIRIS Digiware M-70 Cross-Site Request Forgery Vulnerability

The Socomec DIRIS Digiware M-70 is a communication gateway device that serves as an access point for the DIRIS Digiware system, which combines 24VDC power and communication functions in a single unit. A cross-site request forgery vulnerability exists in the Socomec DIRIS Digiware M-70 that stems...

Socomec DIRIS Digiware M-70 Denial of Service Vulnerability (CNVD-2025-30453)

The Socomec DIRIS Digiware M-70 is a communication gateway device that serves as an access point for the DIRIS Digiware system, which combines 24VDC power and communication functions in a single unit. A denial of service vulnerability exists in the Socomec DIRIS Digiware M-70 that stems from the...

CVE-2025-55222

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This...

CVE-2025-54851

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...

CVE-2025-20085

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can...

CVE-2024-45370

An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability...

CVE-2025-55221

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This...

CVE-2024-49572

A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can send an...

CVE-2024-48894

A cleartext transmission vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability...

CVE-2025-54851

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...

CVE-2025-55222

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This...