CVE-2025-62578
Unknown Unknown - Not Provided
Cleartext Transmission Vulnerability in DVP-12SE Modbus/TCP Protocol

Publication date: 2025-12-26

Last updated on: 2025-12-26

Assigner: Deltaww

Description
DVP-12SE - Modbus/TCP Cleartext Transmission of Sensitive Information
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-26
Last Modified
2025-12-26
Generated
2026-06-16
AI Q&A
2025-12-26
EPSS Evaluated
2026-06-14
NVD
CVE-2025-62578
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
delta_electronics dvp-12se *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-319 The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability involves cleartext transmission of sensitive information over Modbus/TCP, which exposes data to interception and potential exploitation. This lack of encryption and protection of sensitive data could lead to non-compliance with common standards and regulations such as GDPR and HIPAA, which require safeguarding sensitive information during transmission. However, no explicit mention of compliance impact is provided in the resources. Users are advised to implement network-level mitigations to reduce risk. [1]

Executive Summary

CVE-2025-62578 is a vulnerability in the Delta Electronics DVP-12SE device where sensitive information is transmitted in cleartext over the Modbus/TCP protocol. This means that data sent between devices is not encrypted, making it possible for attackers to intercept and access sensitive information during communication. [1]

Impact Analysis

This vulnerability can lead to unauthorized interception and exposure of sensitive information transmitted by the DVP-12SE device. Attackers could exploit this to gain insights into control system operations, potentially leading to operational disruptions, data breaches, or further attacks on industrial control systems. [1]

Detection Guidance

This vulnerability can be detected by monitoring Modbus/TCP traffic on your network for cleartext transmission of sensitive information. You can use network packet capture tools such as Wireshark or tcpdump to inspect Modbus/TCP packets. For example, using tcpdump: `tcpdump -i <interface> port 502` to capture Modbus/TCP traffic and analyze if sensitive data is transmitted unencrypted. Additionally, industrial firewalls can be configured to monitor and log Modbus/TCP traffic for suspicious activity. [1]

Mitigation Strategies

Immediate mitigation steps include: 1) Utilizing the product’s built-in IP whitelisting feature to restrict Modbus/TCP access only to trusted client IP addresses. 2) Implementing network segmentation to isolate the DVP-12SE device within a highly segregated network zone. 3) Employing industrial firewalls to monitor and control Modbus/TCP traffic. Additionally, avoid exposing control systems to the internet, place systems behind firewalls, isolate them from business networks, and use secure remote access methods such as VPNs when remote access is necessary. Note that no patch or workaround is currently available. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-62578. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart