Full Report
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed an out-of-bounds read vulnerability in PDF XChange Editor, and ten vulnerabilities in Socomec DIRIS Digiware M series and Easy Config products.The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco&
Analysis Summary
# Vulnerability: PDF XChange Editor Out-of-Bounds Read via EMF Processing
## CVE Details
- CVE ID: CVE-2025-58113
- CVSS Score: Information not provided in text. (Severity assumed Medium/High based on OOB Read)
- CWE: Not specified.
## Affected Systems
- Products: PDF-XChange Editor
- Versions: 10.7.3.401
- Configurations: Processing a specially crafted EMF file.
## Vulnerability Description
An out-of-bounds read vulnerability exists in the EMF (Enhanced Metafile) processing functionality of PDF XChange Editor. Successful exploitation allows an attacker to read memory outside the intended buffer boundaries.
## Exploitation
- Status: Patched. (No mention of being exploited in the wild or POC availability.)
- Complexity: Not specified.
- Attack Vector: Likely Local/Network via file processing.
## Impact
- Confidentiality: Potential information disclosure.
- Integrity: Not explicitly stated, but possible if OOB read leads to adjacent write.
- Availability: Not explicitly stated.
## Remediation
### Patches
- Vendor has patched the vulnerability. Specific version details are not listed in the summary text.
### Workarounds
- No specific workarounds were detailed in the summary text.
## Detection
- Snort coverage is available for detection. Download the latest rule sets from snort.org.
## References
- Vendor Advisory: Refer to TALOS-2025-2280 information on talosintelligence.com.
***
# Vulnerability Summary: Multiple Flaws in Socomec DIRIS Digiware M series and Easy Config
This summary groups the ten reported vulnerabilities affecting Socomec products. Severity scores (CVSS) are not provided for any specific CVE.
## CVE Details (Grouped by Product)
### Socomec DIRIS Digiware M Series (v1.6.9)
| CVE ID | TALOS ID | Vulnerability Type | Attack Vector/Trigger |
| :--- | :--- | :--- | :--- |
| CVE-2024-48894 | TALOS-2024-2115 | Cleartext Transmission | Specially crafted HTTP requests (sniffing possible). |
| CVE-2024-53684 | TALOS-2024-2116 | Cross-Site Request Forgery (CSRF) | Specially crafted HTTP request (malicious webpage). |
| CVE-2024-49572 | TALOS-2024-2118 | Denial of Service (DoS) / Credential Weakening | Unauthenticated network packet leading to default credentials. |
| CVE-2024-48882 | TALOS-2024-2119 | Denial of Service (DoS) | Unauthenticated network packet. |
| CVE-2025-20085 | TALOS-2025-2138 | Denial of Service (DoS) / Credential Weakening | Unauthenticated network packet leading to default credentials. |
| CVE-2025-23417 | TALOS-2025-2139 | Denial of Service (DoS) | Unauthenticated network packet. |
| CVE-2025-54848 to CVE-2025-54851 | TALOS-2025-2248 | Denial of Service (DoS) (Modbus TCP/RTU) | Unauthenticated sequence of network requests. |
| CVE-2025-55221 to CVE-2025-55222 | TALOS-2025-2251 | Denial of Service (DoS) (Modbus TCP/RTU Over TCP USB) | Unauthenticated network packet. |
| CVE-2025-26858 | TALOS-2025-2152 | Buffer Overflow (Modbus TCP) | Unauthenticated sequence of network packets leading to DoS. |
### Socomec Easy Config System
| CVE ID | TALOS ID | Vulnerability Type | Attack Vector/Trigger |
| :--- | :--- | :--- | :--- |
| CVE-2024-45370 | TALOS-2024-2117 | Authentication Bypass (User Profile Management) | Specially crafted local database record modification. |
## Affected Systems
- Products: Socomec DIRIS Digiware M series, Socomec Easy Config System.
- Versions: DIRIS Digiware M series version 1.6.9.
- Configurations: Varies per CVE (e.g., network accessible for M-series, local database for Easy Config).
## Vulnerability Description (Key Types)
The DIRIS Digiware M series vulnerabilities primarily involve denial of service via unauthenticated network packets (some leading to credential weaknesses), cleartext transmission disclosure, and CSRF. The Easy Config product has an authentication bypass via local database modification.
## Exploitation
- Status: Patched. (No indication of active exploitation or PoC availability mentioned for Socomec flaws.)
- Complexity: Varies. CSRF/Cleartext are likely network-based attack vectors; DoS attacks via network packets suggest low barrier to trigger for network-facing services.
- Attack Vector: Primarily Network (Unauthenticated access for DoS/Info Disclosure); Local modification for Auth Bypass in Easy Config.
## Impact (Inferred based on vulnerability type)
- Confidentiality: High for CVE-2024-48894 (Cleartext Transmission).
- Integrity: Potential for unauthorized changes due to CSRF and credential weakening (Default Credentials).
- Availability: High for multiple DoS related CVEs.
## Remediation
### Patches
- Vendor has patched all disclosed vulnerabilities. Specific patched versions are not provided in the text summary.
### Workarounds
- No specific workarounds were detailed in the summary text.
## Detection
- Snort coverage is available for detection. Download the latest rule sets from snort.org.
## References
- Vendor Advisories: Refer to TALOS-2024-2115 through TALOS-2025-2251 reports on talosintelligence.com.