CVE-2025-23406

Summary

Out-of-bounds read vulnerability caused by improper checking of TCP MSS option values exists in Cente middleware TCP/IP Network Series, which may lead to processing a specially crafted packet to cause the affected product crashed.

Affected Software

VendorProductVersion RangeStatus
DMG MORI Digital Co., LTD. and NXTech Co., Ltd.Cente TCP/IPv4Ver.1.51 and earlieraffected
DMG MORI Digital Co., LTD. and NXTech Co., Ltd.Cente TCP/IPv4 SNMPv2Ver.2.30 and earlieraffected
DMG MORI Digital Co., LTD. and NXTech Co., Ltd.Cente TCP/IPv4 SNMPv3Ver.2.30 and earlieraffected
DMG MORI Digital Co., LTD. and NXTech Co., Ltd.Cente IPv6Ver.1.60 and earlieraffected
DMG MORI Digital Co., LTD. and NXTech Co., Ltd.Cente IPv6 SNMPv2Ver.2.30 and earlieraffected
DMG MORI Digital Co., LTD. and NXTech Co., Ltd.Cente IPv6 SNMPv3Ver.2.30 and earlieraffected

Weaknesses

  • CWE-125: Out-of-bounds read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References