Skip to main content

Diris M 70 Firmware EUVDEUVD-2024-55110

| CVE-2024-48882 HIGH
Missing Authentication for Critical Function (CWE-306)
2025-12-01 talos-cna@cisco.com
8.6
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.6 HIGH
AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 15, 2026 - 13:34 euvd
EUVD-2024-55110
Analysis Generated
Mar 15, 2026 - 13:34 vuln.today
CVE Published
Dec 01, 2025 - 16:15 nvd
HIGH 8.6

DescriptionCVE.org

A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.

Analysis

A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.

Technical ContextAI

An authentication bypass vulnerability allows attackers to circumvent login mechanisms and gain unauthorized access without valid credentials. This vulnerability is classified as Missing Authentication for Critical Function (CWE-306).

RemediationAI

Implement robust authentication mechanisms. Use multi-factor authentication. Review authentication logic for bypass conditions. Remove default credentials.

CVE-2025-26858 HIGH
8.6 Dec 01

A buffer overflow vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially

CVE-2025-55222 HIGH
8.6 Dec 01

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec

CVE-2025-55221 HIGH
8.6 Dec 01

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec

CVE-2025-23417 HIGH
8.6 Dec 01

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9.

CVE-2024-53684 HIGH
7.5 Dec 01

A cross-site request forgery (csrf) vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1

CVE-2025-54851 HIGH
7.5 Dec 01

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiwa

CVE-2025-54850 HIGH
7.5 Dec 01

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiwa

CVE-2025-20085 HIGH
7.2 Dec 01

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9.

CVE-2024-49572 HIGH
7.2 Dec 01

A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A special

CVE-2024-48894 MEDIUM
5.9 Dec 01

A cleartext transmission vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A spe

Share

EUVD-2024-55110 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy