Overview

CVE-2025-26858 is a high-severity buffer overflow vulnerability affecting the Modbus TCP functionality of Socomec DIRIS Digiware M-70 version 1.6.9. This vulnerability allows an unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted network packets to the device. The vulnerability was published on 2025-12-01.

Technical Details

The vulnerability resides in the handling of Modbus TCP requests within the Socomec DIRIS Digiware M-70 1.6.9. A specifically crafted sequence of network packets can trigger a buffer overflow, overwriting critical memory regions and causing the device to crash or become unresponsive. The vulnerability is exploitable because the device doesn’t properly…
-
Overview

CVE-2025-23417 is a high-severity denial of service (DoS) vulnerability affecting Socomec DIRIS Digiware M-70 version 1.6.9. The vulnerability resides within the Modbus RTU over TCP functionality of the device. An unauthenticated attacker can exploit this vulnerability by sending a specially crafted network packet, leading to a denial of service condition.

Technical Details

The vulnerability stems from improper handling of specific network packets within the Modbus RTU over TCP implementation. By sending a malformed or unexpected packet, an attacker can cause the DIRIS Digiware M-70 device to crash or become unresponsive. The lack of authentication required to trigger the vulnerability…
-
Overview

CVE-2025-20085 describes a high-severity denial-of-service (DoS) vulnerability affecting the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 version 1.6.9. A specially crafted network packet can be sent to the device, leading to a denial of service and potentially weakening credentials, causing the device to revert to default, documented credentials.

Technical Details

The vulnerability resides in the handling of Modbus RTU over TCP requests. An unauthenticated attacker can send a malformed packet to the DIRIS Digiware M-70 device. This crafted packet exploits a weakness in the parsing or processing of the Modbus request, causing the device to crash…
-
Overview

CVE-2025-13829 identifies a critical Incorrect Authorization vulnerability affecting Data Illusion Zumbrunn NGSurvey. This flaw allows any authenticated user within the system to potentially obtain the private and sensitive information of other users. This unauthorized access poses a significant risk to user privacy and the overall security of the NGSurvey platform. Published on 2025-12-01T16:15:51.690, this vulnerability highlights the importance of robust access control mechanisms in web applications.

Technical Details

The vulnerability stems from a flaw in the authorization logic of NGSurvey. Specifically, the system fails to properly validate user permissions when accessing certain API endpoints. This allows an attacker, after…
-
Overview

CVE-2025-11699 is a critical session hijacking vulnerability affecting nopCommerce, a popular open-source e-commerce platform. Specifically, versions 4.70 and prior, as well as version 4.80.3, fail to properly invalidate session cookies after a user logs out or their session terminates. This oversight allows an attacker in possession of a valid session cookie to gain unauthorized access to privileged endpoints, such as the administrative panel (/admin), even after the legitimate user has logged out. Any version above 4.70 that is not 4.80.3 fixes the vulnerability.

Technical Details

The vulnerability stems from a lack of proper session management within nopCommerce. When a…
-
Overview

A high-severity vulnerability, identified as CVE-2025-10101, has been discovered in Avast Antivirus for macOS. This vulnerability is a heap-based buffer overflow (out-of-bounds write) that can potentially allow for local execution of code or a denial-of-service (DoS) condition affecting antivirus protection. This issue affects Avast Antivirus versions from 15.7 up to, but not including, version 3.9.2025.

Technical Details

The vulnerability stems from improper handling of a crafted Mach-O file by the Avast Antivirus engine. Specifically, the parsing of this specially crafted file triggers a heap-based buffer overflow. When processing the malicious Mach-O file, the application writes data beyond the allocated…
-
Overview

A high-severity Cross-Site Request Forgery (CSRF) vulnerability, identified as CVE-2024-53684, has been discovered in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 version 1.6.9. This vulnerability allows an attacker to execute unauthorized actions on behalf of an authenticated user, potentially leading to significant security breaches.

Technical Details

The vulnerability exists due to insufficient CSRF protection within the WEBVIEW-M component. An attacker can craft a malicious HTML page containing requests that, when visited by an authenticated user, will be executed by the user’s browser as if they originated from the user themselves. This allows the attacker to potentially modify settings,…
-
Overview

CVE-2024-49572 is a high-severity denial of service (DoS) vulnerability affecting Socomec DIRIS Digiware M-70 version 1.6.9. This vulnerability resides within the Modbus TCP functionality of the device. An attacker can exploit this flaw by sending a specially crafted network packet, leading to a denial of service condition. Furthermore, successful exploitation can weaken the device’s credentials, potentially reverting them to default, documented credentials.

Technical Details

The vulnerability stems from improper handling of specific Modbus TCP requests. An unauthenticated attacker can send a malformed packet to the DIRIS Digiware M-70 device. This malicious packet can cause the device to crash or…
-
Overview

CVE-2024-48894 describes a cleartext transmission vulnerability affecting the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 version 1.6.9. This vulnerability allows an attacker to potentially sniff network traffic and intercept sensitive information transmitted in cleartext due to a lack of proper encryption.

Technical Details

The vulnerability lies within the WEBVIEW-M component of the Socomec DIRIS Digiware M-70. Specifically, the device transmits certain data, including potentially usernames, passwords, or configuration details, without employing encryption (e.g., HTTPS). An attacker positioned on the same network segment as the device can capture this traffic using packet sniffing tools like Wireshark. A specially crafted HTTP…
-
Published: 2025-12-01T16:15:49.983

Overview

A high-severity denial of service (DoS) vulnerability, identified as CVE-2024-48882, has been discovered in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 version 1.6.9. This vulnerability allows an unauthenticated attacker to disrupt the availability of the device by sending a specially crafted network packet.

Technical Details

The vulnerability resides in the handling of Modbus TCP requests by the Socomec DIRIS Digiware M-70. Sending a specific malformed or crafted Modbus TCP packet triggers a condition within the device’s firmware that leads to a denial-of-service state. This prevents the device from responding to legitimate requests and effectively renders…