What is the CVSS score of EUVD-2025-18993?

EUVD-2025-18993 has a CVSS 3.1 base score of 8.1 (High). CVSS vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of IoT are affected by EUVD-2025-18993?

CVE-2025-48466 allows unauthenticated remote attackers to manipulate industrial control systems (ICS) via Modbus TCP, potentially enabling unauthorized relay control with direct operational and…

Is there a public PoC exploit available for EUVD-2025-18993?

Yes, a public proof-of-concept exploit is available for EUVD-2025-18993. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate EUVD-2025-18993?

Within 24 hours: Identify all Modbus TCP devices and systems in your environment; implement network segmentation to restrict Modbus traffic to authorized sources only; enable logging and monitoring for Modbus TCP connections. Within 7 days: Deploy firewall rules to block unauthorized Modbus TCP access (port 502); conduct security assessment of affected systems to identify exploitation attempts; notify operational and safety teams of the vulnerability. Within 30 days: Implement ICS-specific intrusion detection for Modbus protocol anomalies; evaluate vendor timeline for patches; develop and test incident response procedures for Modbus manipulation scenarios.

IoT EUVD-2025-18993

| CVE-2025-48466 HIGH

Incorrect Authorization (CWE-863)

2025-06-24 5f57b9bf-260d-4433-bf07-b6a79e9bb7d4

Authentication Bypass IoT Modbus Wise 4010lan Firmware Wise 4050lan Firmware Wise 4060lan Firmware

8.1

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 15, 2026 - 22:36 euvd

EUVD-2025-18993

Analysis Generated

Mar 15, 2026 - 22:36 vuln.today

PoC Detected

Jul 09, 2025 - 17:18 vuln.today

Public exploit code

CVE Published

Jun 24, 2025 - 03:15 nvd

HIGH 8.1

DescriptionNVD

Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to send Modbus TCP packets to manipulate Digital Outputs, potentially allowing remote control of relay channel which may lead to operational or safety risks.

AnalysisAI

CVE-2025-48466 is a security vulnerability (CVSS 8.1). Risk factors: public PoC available.

Technical ContextAI

CWE-863 (Incorrect Authorization). CVSS 8.1 indicates high severity.

RemediationAI

Monitor vendor channels for patch availability.

EUVD-2025-18993 vulnerability details – vuln.today

Back

IoT EUVD-2025-18993

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code