CVE-2025-64385
BaseFortify
Publication date: 2025-10-31
Last updated on: 2025-11-04
Assigner: S21sec
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| circutor | tcprs1+ | 1.0.14 |
| circutor | myconfig | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects the initial configuration process of the TCPRS1+PSDC device by CIRCUTOR. The device can be configured using the manufacturer's application, web server, Wi-Fi, or software. When configured via the manufacturer's software using UDP, it is possible to change any aspect of the initial configuration by using the device's MAC address without requiring any authentication. This means an attacker who knows the MAC address can alter the device's settings without permission. [2]
How can this vulnerability impact me? :
This vulnerability can have a significant impact as it allows unauthorized users to change the device's initial configuration without authentication. This could lead to unauthorized control or disruption of the device's operation, potentially affecting network communications and industrial automation processes that rely on this device. Given the high CVSS score (9.2), the impact is severe, possibly resulting in loss of availability, integrity, or confidentiality of the system. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring UDP traffic to the device and analyzing configuration change attempts that are authenticated solely by the device's MAC address without further authentication. Network scanning tools can be used to identify devices with open UDP ports related to the manufacturer's software configuration. Specific commands are not provided in the available resources. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting network access to the device's UDP configuration ports, implementing network segmentation to isolate the device, and disabling or limiting configuration via UDP if possible. Additionally, monitoring for unauthorized configuration changes and applying any available firmware updates from the manufacturer are recommended. Specific mitigation commands or procedures are not detailed in the provided resources. [2]