CVE-2025-41724
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-41724, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-10-22

Last updated on: 2025-10-22

Assigner: CERT VDE

Description

An unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. The wscserver process will not be restarted by a watchdog and a device reboot is necessary to make it work again.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-10-22
Last Modified
2025-10-22
Generated
2026-07-07
AI Q&A
2025-10-22
EPSS Evaluated
2026-07-06
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
sauter modulo_6 3.2.0
sauter case_suite 5.2_sr5

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-239 The product does not properly handle when a particular element is not completely specified.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2025-41724 is a vulnerability in the embedded web server (wscserver) of SAUTER modulo 6 devices where an unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. Once crashed, the wscserver process does not automatically restart, requiring a device reboot to restore functionality. This vulnerability can lead to denial of service by making the device unavailable until rebooted. [1]

Impact Analysis

This vulnerability can impact you by causing a denial of service on affected SAUTER modulo 6 devices. An attacker can remotely crash the embedded web server without authentication, making the device unresponsive until it is manually rebooted. This disrupts device availability and may affect any systems or processes relying on the device's operation. [1]

Mitigation Strategies

To mitigate this vulnerability immediately, upgrade the SAUTER modulo 6 embedded firmware to version 3.2.0 or newer and upgrade the CASE Suite software to version 5.2 SR5 or newer. Additionally, protect device and network access by following best security practices. Note that updates require a device restart to take effect. [1]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-41724. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart