CVE-2023-25619: High Vulnerability in Schneider Electric Modicon Products

A high-severity vulnerability exists in Schneider Electric Modicon products, potentially leading to denial of service. Organizations must prioritize patching to mitigate risks associated with this vulnerability.

HIGH · CVSS 7.5 · Published April 19, 2023

CVE-2023-25619 is a high-severity vulnerability that affects Schneider Electric Modicon products, including the Modicon M580, Modicon M340, and others. This vulnerability allows for a denial of service when communicating over the Modbus TCP protocol, posing significant risks to organizations relying on these systems.

The CVSS score for this vulnerability is 7.5, indicating high severity. It is critical for organizations to understand the implications of this vulnerability, as it may disrupt operations and compromise system availability.

Currently, there are no public exploits available, and it has not been classified as actively exploited. However, the high impact on availability necessitates immediate attention and remediation from affected organizations.

Organizations should prioritize patching immediately, given the potential for service disruption and the critical nature of maintaining operational integrity.

Vulnerability Details

This vulnerability allows for denial of service due to improper checks for unusual or exceptional conditions, specifically within the Modbus TCP protocol. The CWE classification for this vulnerability is CWE-754.

The vulnerability affects several firmware versions of Schneider Electric products, including the Modicon M580, Modicon M340, and Modicon Momentum Unity M1E processor firmware. It was published on April 19, 2023.

Organizations using affected products should consult the vendor for specific remediation measures.

Technical Analysis

The root cause of this vulnerability is linked to insufficient checks for unusual or exceptional conditions within the Modbus TCP communication process. This oversight can lead to system unavailability when exploited.

The attack vector is network-based, requiring no privileges or user interaction. The attack complexity is low, making it relatively straightforward for attackers to exploit this vulnerability.

The impact on confidentiality and integrity is none, but the availability impact is high, as successful exploitation could render the affected devices inoperable.

Risk & Impact Analysis

Risk to organizations includes potential service disruption, which could halt operations dependent on the affected Schneider Electric Modicon products. The blast radius could be significant, especially for critical infrastructure reliant on these systems.

Given the CVSS score of 7.5 and the potential for high impact, organizations should assess their exposure to this vulnerability and implement necessary patches or mitigations in a timely manner.

Organizations should address this vulnerability in a priority patch cycle because of the high risk associated with it.

Exploitation Status

Signal | Status
Known Exploit | No
Public PoC | No
Actively Exploited | No
Ransomware Use | No

Affected Versions

The affected versions include various firmware for Schneider Electric Modicon products, specifically those prior to the vendor's patches. For detailed version information, please refer to vendor documentation.

Mitigation & Remediation

Organizations should implement the latest patches provided by Schneider Electric for affected Modicon firmware. If patches are not available, consider implementing additional network controls and monitoring to mitigate potential risks.

For comprehensive security assessments, organizations may consider engaging in penetration testing to uncover any additional vulnerabilities.

Detection Guidance

Monitoring logs for unusual denial of service patterns and anomalies in network traffic can help identify potential exploitation attempts of this vulnerability.
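
One way to look for "anomalies in network traffic" on Modbus TCP is to check each frame's MBAP header against the framing rules of the Modbus specification. The following is an added example, not code from AppSecure or Schneider Electric, and it does not reproduce the trigger for CVE-2023-25619, which this page does not describe. It assumes each payload is one reassembled Modbus TCP ADU; the function names and sample frames are constructed for illustration.

```python
import struct
from collections import defaultdict

MBAP_LEN = 7      # transaction id (2) + protocol id (2) + length (2) + unit id (1)
MAX_LENGTH = 254  # unit id (1) + largest PDU (253), from the 260-byte ADU limit

def check_frame(payload: bytes) -> list:
    """Return framing anomalies for one reassembled Modbus TCP ADU."""
    if len(payload) < MBAP_LEN + 1:
        return ["truncated: shorter than MBAP header plus function code"]
    _tid, proto, length, _unit = struct.unpack(">HHHB", payload[:MBAP_LEN])
    findings = []
    if proto != 0:
        findings.append(f"protocol id {proto}, expected 0")
    if not 2 <= length <= MAX_LENGTH:
        findings.append(f"length field {length} outside 2..{MAX_LENGTH}")
    on_wire = len(payload) - 6  # bytes that follow the length field
    if length != on_wire:
        findings.append(f"length field {length} but {on_wire} bytes follow")
    if payload[MBAP_LEN] == 0:
        findings.append("function code 0 is not valid")
    return findings

def scan(frames):
    """Group anomalies by source address; sources with clean frames are omitted."""
    by_source = defaultdict(list)
    for src, payload in frames:
        for finding in check_frame(payload):
            by_source[src].append(finding)
    return dict(by_source)

# Constructed sample payloads (source address, TCP payload); not from a real capture.
SAMPLES = [
    ("192.0.2.10", bytes.fromhex("00010000000601030000000a")),  # well-formed read request
    ("192.0.2.66", bytes.fromhex("0002000000ff01030000000a")),  # length field too large
    ("192.0.2.66", bytes.fromhex("000300010006010300000001")),  # non-zero protocol id
    ("192.0.2.66", bytes.fromhex("00040000")),                  # truncated header
    ("192.0.2.66", bytes.fromhex("0005000000020100")),          # function code 0
]

if __name__ == "__main__":
    for src, findings in scan(SAMPLES).items():
        for finding in findings:
            print(src, finding)
```

A source that repeatedly produces such findings toward port 502 is worth correlating with controller availability alarms.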

AppSecure Threat Intelligence Insight

CVE-2023-25619 highlights the importance of robust security measures in industrial control systems. Security teams should prioritize vulnerability management and regularly assess their security posture.

For further insights into vulnerability management, organizations can explore our guide on vulnerability management programs. Additionally, consider reviewing our penetration testing methodology to enhance your security testing processes.

Finally, it is essential to stay informed about trends in cybersecurity through resources such as our ransomware targeting trends to better understand the evolving threat landscape.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
