CVE-2025-41724
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-22

Last updated on: 2025-10-22

Assigner: CERT VDE

Description
An unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. The wscserver process will not be restarted by a watchdog and a device reboot is necessary to make it work again.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-22
Last Modified
2025-10-22
Generated
2026-06-16
AI Q&A
2025-10-22
EPSS Evaluated
2026-06-15
NVD
CVE-2025-41724
EUVD
EUVD-2025-35319
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
sauter modulo_6 3.2.0
sauter case_suite 5.2_sr5
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-239 The product does not properly handle when a particular element is not completely specified.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-41724 is a vulnerability in the embedded web server (wscserver) of SAUTER modulo 6 devices where an unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. Once crashed, the wscserver process does not automatically restart, requiring a device reboot to restore functionality. This vulnerability can lead to denial of service by making the device unavailable until rebooted. [1]

Impact Analysis

This vulnerability can impact you by causing a denial of service on affected SAUTER modulo 6 devices. An attacker can remotely crash the embedded web server without authentication, making the device unresponsive until it is manually rebooted. This disrupts device availability and may affect any systems or processes relying on the device's operation. [1]

Mitigation Strategies

To mitigate this vulnerability immediately, upgrade the SAUTER modulo 6 embedded firmware to version 3.2.0 or newer and upgrade the CASE Suite software to version 5.2 SR5 or newer. Additionally, protect device and network access by following best security practices. Note that updates require a device restart to take effect. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-41724. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart