CVE-2024-48894

Medium CVSS: 5.9

A cleartext transmission vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.

Vendor

Socomec

Product

Diris M-70 Firmware

CWE

CWE-319

Yayın Tarihi

2025-12-01 16:15:50

Güncelleme

2025-12-05 21:10:30

Source Identifier

talos-cna@cisco.com

KEV Date Added

Kategoriler

CWE-319 Diris M-70 Firmware MEDIUM Socomec 2025

Referanslar

https://talosintelligence.com/vulnerability_reports/TALOS-2024-2115 https://www.socomec.fr/sites/default/files/2025-04/CVE-2024-48894---Diris-Digiware-Webview-_VULNERABILITIES_2025-04-11-17-22-18_English_0.pdf https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2115

Benzer Kayıtlar

High

CVE-2025-54850

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiwa…

High

CVE-2025-54851

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiwa…

High

CVE-2025-55221

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec…

High

CVE-2025-55222

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec…

High

CVE-2025-54848

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiwa…

High

CVE-2025-54849

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiwa…