Industrial CVE-2018-25112

EUVD-2018-21599 | HIGH
Allocation of Resources Without Limits or Throttling (CWE-770)
2025-06-04 info@cert.vde.com
CVSS 3.1: 7.5

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Lifecycle Timeline

EUVD ID Assigned: Mar 14, 2026 - 17:29 (euvd), EUVD-2018-21599
Analysis Generated: Mar 14, 2026 - 17:29 (vuln.today)
CVE Published: Jun 04, 2025 - 10:15 (nvd), HIGH 7.5

Description (NVD)

An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device.

Analysis (AI)

CVE-2018-25112 is an unauthenticated network-based Denial-of-Service vulnerability affecting IEC 61131-compliant Industrial Logic Controllers (ILCs). An attacker can exhaust device resources by flooding the controller with crafted network traffic, rendering it unresponsive. With a CVSS score of 7.5 (High severity), no authentication required, and a network-accessible attack surface, this poses significant risk to industrial control systems; however, exploitation likelihood depends on network exposure and whether patches are available from affected vendors.

Technical Context (AI)

The vulnerability exploits uncontrolled resource consumption (CWE-770) in devices implementing the IEC 61131-3 industrial automation programming standard. ILC devices process network-based requests to manage industrial processes; the affected products lack proper input validation and rate-limiting mechanisms on network packet handling. When a flood of large or malformed packets arrives, the device's finite memory and CPU resources are exhausted by the attempt to process each request, and the device becomes unresponsive. The attack vector is Network (AV:N) with Low Complexity (AC:L), meaning no special conditions or tools are required: raw network traffic suffices. The lack of required privileges (PR:N) and user interaction (UI:N) makes this broadly exploitable against any exposed ILC on a network.

Remediation (AI)

Specific remediation steps:
(1) Consult vendor security advisories for firmware/software patches released for CVE-2018-25112; vendors typically released patches in 2019-2020.
(2) Apply available patches to affected ILC firmware versions immediately if internet-exposed.
(3) Network-based mitigations: implement strict ingress filtering at network boundaries to rate-limit or block malformed traffic destined for ILC devices; deploy intrusion prevention systems (IPS) configured to detect DoS attack patterns.
(4) Operational mitigations: segment ILC devices onto dedicated, protected VLANs with restricted access; disable unnecessary network services on ILC devices; implement redundancy/failover mechanisms to maintain availability if the primary ILC is impacted.
(5) Monitoring: implement NetFlow/SIEM alerting for abnormal traffic patterns toward ILC devices.
Vendor patch links and specific versions must be obtained from Siemens, ABB, Beckhoff, and Phoenix Contact security advisories directly.
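Step (5) of the remediation above calls for alerting on abnormal traffic toward ILC devices. A sliding-window version of that check over flow records follows, as an added example that is not from the advisory or any vendor; the controller addresses, window, threshold and record layout are assumptions, and the sample flows are constructed.

```python
from collections import defaultdict, deque

# Assumed values for illustration; derive real ones from the site's measured baseline.
ILC_ADDRESSES = {"192.0.2.10", "192.0.2.11"}  # constructed controller IPs
WINDOW_SECONDS = 10
MAX_PACKETS_PER_WINDOW = 5000

# Constructed flow records: (epoch_seconds, src_ip, dst_ip, packets)
SAMPLE_FLOWS = [
    (1000, "198.51.100.5", "192.0.2.10", 120),   # routine HMI polling
    (1002, "198.51.100.5", "192.0.2.11", 110),
    (1005, "198.51.100.5", "192.0.2.10", 130),
    (1011, "203.0.113.7", "192.0.2.10", 2600),   # burst begins
    (1013, "203.0.113.8", "192.0.2.10", 2700),
    (1014, "203.0.113.7", "192.0.2.10", 2900),
    (1016, "203.0.113.9", "192.0.2.20", 9000),   # not a monitored controller
    (1030, "198.51.100.5", "192.0.2.10", 125),   # traffic back to normal
]

def detect_floods(flows, assets=ILC_ADDRESSES, window=WINDOW_SECONDS,
                  limit=MAX_PACKETS_PER_WINDOW):
    """Alert once each time a controller's windowed packet count crosses the limit."""
    recent = defaultdict(deque)  # dst -> (ts, src, packets) records inside the window
    totals = defaultdict(int)    # dst -> packets currently inside the window
    alerting = set()             # controllers already over the limit (no repeat alerts)
    alerts = []
    for ts, src, dst, packets in sorted(flows):
        if dst not in assets:
            continue
        q = recent[dst]
        q.append((ts, src, packets))
        totals[dst] += packets
        while q and q[0][0] <= ts - window:      # evict records older than the window
            totals[dst] -= q.popleft()[2]
        if totals[dst] <= limit:
            alerting.discard(dst)                # re-arm once the rate drops again
        elif dst not in alerting:
            alerting.add(dst)
            by_src = defaultdict(int)
            for _, s, p in q:
                by_src[s] += p
            top = sorted(by_src, key=by_src.get, reverse=True)
            alerts.append({"time": ts, "dst": dst,
                           "packets": totals[dst], "top_sources": top})
    return alerts

if __name__ == "__main__":
    for alert in detect_floods(SAMPLE_FLOWS):
        print(alert)
```

Ranking sources by their share of the window gives the responder the addresses to filter first under step (3), and the re-arm logic keeps a sustained flood from generating one alert per flow record.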
