Socomec DIRIS Digiware M-70, Denial of Service, CVE-2025-55221 (Critical)

By /

Listen to this Post

How CVE-2025-55221 Works:

This vulnerability targets the Modbus TCP and Modbus RTU over TCP USB Function in Socomec DIRIS Digiware M-70 firmware version 1.6.9. Modbus is a standard protocol for industrial communication, and this device uses Modbus TCP on port 502 for network connectivity. The flaw arises from improper parsing of Modbus TCP packets, especially when handling RTU over TCP or USB functions. An attacker can craft a malicious network packet with specific malformed data or unexpected sequences. When this packet is sent to port 502, the device’s processing logic fails to handle it correctly. This failure can trigger a buffer overflow, memory corruption, or an infinite loop, leading to a denial of service. The device may crash, reboot, or become unresponsive, disrupting its energy monitoring and power quality analysis functions. Since the attack is unauthenticated, no credentials are required, allowing any network-accessible attacker to exploit it. The vulnerability is specific to the implementation of Modbus message handling, where insufficient input validation allows crafted packets to exploit software weaknesses. This highlights common issues in IoT and industrial devices where protocol stacks are not securely coded. The impact is immediate service interruption, affecting critical infrastructure operations that rely on this device for power management.
Platform: Socomec DIRIS M-70
Version: 1.6.9
Vulnerability: Denial of Service
Severity: Critical
Date: 12/01/2025

Prediction: Patch Q2 2026

What Undercode Say:

Analytics:

  • nmap -p 502
  • modbus-cli read –host –port 502 –unit-id 1 –register 0
  • python3 -c “import socket; s=socket.socket(); s.connect((‘‘,502)); s.send(b’\x00\x01\x00\x00\x00\x06\x01\x03\x00\x00\x00\x01’); print(s.recv(1024))”

How Exploit:

Send crafted Modbus TCP packet to port 502 causing device crash.

Protection from this CVE

Restrict port 502 access.

Update firmware when available.

Use network segmentation.

Impact:

Device unavailability disrupting power monitoring.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: nvd.nist.gov
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top