Cybersecurity Vulnerabilities

CVE-2024-48882: Critical DoS Vulnerability in Socomec DIRIS Digiware M-70

December 1, 2025 - By 

Published: 2025-12-01T16:15:49.983

Overview

A high-severity denial of service (DoS) vulnerability, identified as CVE-2024-48882, has been discovered in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 version 1.6.9. This vulnerability allows an unauthenticated attacker to disrupt the availability of the device by sending a specially crafted network packet.

Technical Details

The vulnerability resides in the handling of Modbus TCP requests by the Socomec DIRIS Digiware M-70. Sending a specific malformed or crafted Modbus TCP packet triggers a condition within the device’s firmware that leads to a denial-of-service state. This prevents the device from responding to legitimate requests and effectively renders it unavailable.

An attacker can exploit this vulnerability remotely without any authentication, making it easily exploitable from within a network accessible to the affected device.

CVSS Analysis

  • Severity: HIGH
  • CVSS Score: 8.6

The CVSS score of 8.6 reflects the high impact of this vulnerability. Due to the unauthenticated nature of the exploit and the disruption of service, the risk is deemed significant.

Possible Impact

Successful exploitation of CVE-2024-48882 can lead to the following impacts:

  • Denial of Service: The primary impact is the disruption of the DIRIS Digiware M-70 device’s functionality.
  • Loss of Monitoring Data: If the device is used for critical monitoring or control, the DoS can interrupt data flow and potentially lead to inaccurate decision-making or delayed responses.
  • Operational Disruption: In industrial environments reliant on the device’s data, the DoS can cause significant operational disruptions.

Mitigation and Patch Steps

Socomec has released information addressing this vulnerability. It is strongly recommended that users of Socomec DIRIS Digiware M-70 version 1.6.9 take the following steps:

  1. Apply the Patch: Check the Socomec website for an official firmware update or patch that addresses CVE-2024-48882. Apply the update according to the vendor’s instructions.
  2. Network Segmentation: Implement network segmentation to isolate the DIRIS Digiware M-70 device from untrusted networks. This can help prevent unauthorized access and exploitation.
  3. Access Control Lists (ACLs): Implement ACLs on network devices to restrict access to the Modbus TCP port (typically port 502) on the DIRIS Digiware M-70 device. Only allow access from trusted sources.
  4. Intrusion Detection/Prevention Systems (IDS/IPS): Deploy an IDS/IPS solution to monitor network traffic for malicious Modbus TCP packets and block them.

References

Cybersecurity specialist and founder of Gowri Shankar Infosec - a professional blog dedicated to sharing actionable insights on cybersecurity, data protection, server administration, and compliance frameworks including SOC 2, PCI DSS, and GDPR.

Related Posts

CVE-2025-61932 Critical Remote Code Execution Vulnerability in LANSCOPE Endpoint Manager

CVE-2025-61932: Critical Remote Code Execution Vulnerability in LANSCOPE Endpoint Manager

October 23, 2025

Leave a Reply

Your email address will not be published. Required fields are marked *