CVE-2025-3200

Summary

An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems.

Affected Software

VendorProductVersion RangeStatus
Wiesemann & TheisCom-Server++0.0.0 < 1.60affected
Wiesemann & TheisCom-Server PoE 3x Isolated0.0.0 < 1.60affected
Wiesemann & TheisCom-Server 20mA0.0.0 < 1.60affected
Wiesemann & TheisCom-Server OEM0.0.0 < 1.60affected
Wiesemann & TheisCom-Server UL0.0.0 < 1.60affected

Weaknesses

  • CWE-327: CWE-327 Use of a Broken or Risky Cryptographic Algorithm

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References