CVE-2026-27663

The CVE-2026-27663 entry concerns CPCI85 Central Processing/Communication and RTUM85 RTU Base (all versions

PT-2026-28356

Name of the Vulnerable Software and Affected Versions CPCI85 Central Processing/Communication versions prior to 26.10 RTUM85 RTU Base versions prior to 26.10 Description The affected application contains a denial-of-service DoS issue. The remote operation mode is susceptible to resource exhaustio...

CVE-2025-41709 Command injection in power analyzer via Modbus-TCP and Modbus-RTU

An unauthenticated remote attacker can perform a command injection via Modbus-TCP or Modbus-RTU to gain read and write access on the affected device...

CVE-2025-41709 Command injection in power analyzer via Modbus-TCP and Modbus-RTU

An unauthenticated remote attacker can perform a command injection via Modbus-TCP or Modbus-RTU to gain read and write access on the affected device...

Hitachi Energy RTU500 Product Uncontrolled Recursion (CVE-2024-8176)

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...

Janitza UMG 96RM-E 24V和Janitza UMG 96RM-E 230V 操作系统命令注入漏洞

Both Janitza UMG 96RM-E 24V and Janitza UMG 96RM-E 230V are multi-functional power quality analyzers produced by the German company Janitza. Both models have vulnerabilities related to operating system command injection. These vulnerabilities arise from defects in the power analyzer’s processing ...

CVE-2021-22749

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Modicon X80 BMXNOR0200H RTU SV1.70 IR22 and prior that could cause information leak concerning the current RTU configuration including communication parameters dedicated to telemetry, when a specially...

CVE-2020-7800

The Synergy Systems & Solutions SSS HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has an Improper Check for Unusual or Exceptional Conditions CWE-754 vulnerability. The affected product is vulnerable to specially crafted TCP packets, which can cause the device to shut down or reboot a...

CVE-2020-7802

The Synergy Systems & Solutions SSS HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has an Incorrect Default Permissions CWE-276 vulnerability. The affected product is vulnerable to insufficient default permissions, which could allow an attacker to view network configurations through SN...

CVE-2020-10624

ControlEdge PLC R130.2, R140, R150, and R151 and RTU R101, R110, R140, R150, and R151 exposes a session token on the network...

CVE-2025-23417

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability...

CVE-2019-16879

The Synergy Systems & Solutions SSS HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has a Missing Authentication for Critical Function CWE-306 vulnerability. The affected product does not require authentication for TELNET access, which may allow an attacker to change configuration or...

CVE-2025-55222

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This...

CVE-2025-20085

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can...

CVE-2025-55222

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This...

CVE-2025-55221

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This...

CVE-2025-54848

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...

CVE-2025-23417

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability...

CVE-2025-20085

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can...

CVE-2025-20085

Talos reports CVE-2025-20085 affecting Socomec DIRIS Digiware M-70 v1.6.9. The Modbus RTU over TCP service can be abused by an unauthenticated actor sending a crafted Modbus message (port 503) to write a value (register 57856) via Write Single Register (function code 6), triggering a denial-of-se...