CNNVD-202510-3167 Information
CNNVD ID
CNNVD-202510-3167
Related CVE
- CNNVD Published: 2025-10-22
Description (Chinese)
Sauter modu680-AS是瑞士Sauter公司的一个模块化自动化站兼web服务器。 Sauter modu680-AS存在信任管理问题漏洞,该漏洞源于使用硬编码证书验证SOAP消息真实性,可能导致私钥泄露。以下产品受到影响:modulo 6 devices modu680-AS、modulo 6 devices modu660-AS、modulo 6 devices modu612-LC、EY-modulo 5 modu 5 modu524、EY-modulo 5 modu 5 modu525、EY-modulo 5 ecos 5 ecos504/505。
Description (English)
Sauter Modu680-AS is a modular automation station and web server at Sauter, Switzerland. Sauter Modu680-AS has a confidence management gap, which arises from the use of hard-coded certificates to verify the authenticity of SOAP messages, which may lead to private key leaks. The following products were affected: Modeulo 6 devices Modu680-AS, Modeulo 6 devices Modu660-AS, Modulo 6 devices Modu612-LC, EY-modulo 5 Modu 5 Modu 524, EY-modulo 5 Modu 5 Modu525, EY-modulo 5 ecos 5 ecos 504/555.
Hazard Level
Medium
Vulnerability Type
信任管理问题
Affected Vendor
Sauter
Published
2025-10-22
Last Modified
2026-02-24
References
https://sauter.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-060.json https://access.redhat.com/security/cve/cve-2025-41722
Patch
https://sauter.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-060.json
Share on: