CVE-2025-23406 - Vulnerability Details - OpenCVE

Description

Out-of-bounds read vulnerability caused by improper checking of TCP MSS option values exists in Cente middleware TCP/IP Network Series, which may lead to processing a specially crafted packet to cause the affected product crashed.

Published: 2025-02-14

Score: 5.3 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

DMG MORI Digital Co., LTD. and NXTech Co., Ltd.

Cente TCP/IPv4

affected

Version	Status	Constraints
`Ver.1.51 and earlier`	affected	—

DMG MORI Digital Co., LTD. and NXTech Co., Ltd.

Cente TCP/IPv4 SNMPv2

affected

Version	Status	Constraints
`Ver.2.30 and earlier`	affected	—

DMG MORI Digital Co., LTD. and NXTech Co., Ltd.

Cente TCP/IPv4 SNMPv3

affected

Version	Status	Constraints
`Ver.2.30 and earlier`	affected	—

DMG MORI Digital Co., LTD. and NXTech Co., Ltd.

Cente IPv6

affected

Version	Status	Constraints
`Ver.1.60 and earlier`	affected	—

DMG MORI Digital Co., LTD. and NXTech Co., Ltd.

Cente IPv6 SNMPv2

affected

Version	Status	Constraints
`Ver.2.30 and earlier`	affected	—

DMG MORI Digital Co., LTD. and NXTech Co., Ltd.

Cente IPv6 SNMPv3

affected

Version	Status	Constraints
`Ver.2.30 and earlier`	affected	—

No data.

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2025-3163	Out-of-bounds read vulnerability caused by improper checking of TCP MSS option values exists in Cente middleware TCP/IP Network Series, which may lead to processing a specially crafted packet to cause the affected product crashed.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00111.

Exploitation none

Automatable yes

Technical Impact partial

References

Link	Providers
https://jvn.jp/en/vu/JVNVU92227620/
https://www.cente.jp/obstacle/5451/

History

Mon, 14 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00024}`	epss `{'score': 0.00027}`

Sun, 13 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00045}`	epss `{'score': 0.00024}`

Fri, 14 Feb 2025 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 14 Feb 2025 04:45:00 +0000

Type	Values Removed	Values Added
Description		Out-of-bounds read vulnerability caused by improper checking of TCP MSS option values exists in Cente middleware TCP/IP Network Series, which may lead to processing a specially crafted packet to cause the affected product crashed.
Weaknesses		CWE-125
References		https://jvn.jp/en/vu/JVNVU92227620/ https://www.cente.jp/obstacle/5451/
Metrics		cvssV3_0 `{'score': 5.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}`

Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2025-02-14T04:24:05.055Z

Updated: 2025-02-14T15:46:20.615Z

Reserved: 2025-02-04T00:50:41.527Z

Link: CVE-2025-23406

Vulnrichment

Updated: 2025-02-14T15:37:07.651Z

NVD

Status : Deferred

Published: 2025-02-14T05:15:12.567

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-23406

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-125

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-23406", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "state": "PUBLISHED", "assignerShortName": "jpcert", "dateReserved": "2025-02-04T00:50:41.527Z", "datePublished": "2025-02-14T04:24:05.055Z", "dateUpdated": "2025-02-14T15:46:20.615Z"}, "containers": {"cna": {"affected": [{"vendor": "DMG MORI Digital Co., LTD. and NXTech Co., Ltd.", "product": "Cente TCP/IPv4", "versions": [{"version": "Ver.1.51 and earlier", "status": "affected"}]}, {"vendor": "DMG MORI Digital Co., LTD. and NXTech Co., Ltd.", "product": "Cente TCP/IPv4 SNMPv2", "versions": [{"version": "Ver.2.30 and earlier", "status": "affected"}]}, {"vendor": "DMG MORI Digital Co., LTD. and NXTech Co., Ltd.", "product": "Cente TCP/IPv4 SNMPv3", "versions": [{"version": "Ver.2.30 and earlier", "status": "affected"}]}, {"vendor": "DMG MORI Digital Co., LTD. and NXTech Co., Ltd.", "product": "Cente IPv6", "versions": [{"version": "Ver.1.60 and earlier", "status": "affected"}]}, {"vendor": "DMG MORI Digital Co., LTD. and NXTech Co., Ltd.", "product": "Cente IPv6 SNMPv2", "versions": [{"version": "Ver.2.30 and earlier", "status": "affected"}]}, {"vendor": "DMG MORI Digital Co., LTD. and NXTech Co., Ltd.", "product": "Cente IPv6 SNMPv3", "versions": [{"version": "Ver.2.30 and earlier", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "Out-of-bounds read vulnerability caused by improper checking of TCP MSS option values exists in Cente middleware TCP/IP Network Series, which may lead to processing a specially crafted packet to cause the affected product crashed."}], "problemTypes": [{"descriptions": [{"description": "Out-of-bounds read", "lang": "en-US", "cweId": "CWE-125", "type": "CWE"}]}], "references": [{"url": "https://www.cente.jp/obstacle/5451/"}, {"url": "https://jvn.jp/en/vu/JVNVU92227620/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_0": {"version": "3.0", "baseSeverity": "MEDIUM", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2025-02-14T04:24:05.055Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-14T15:37:06.223307Z", "id": "CVE-2025-23406", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-14T15:46:20.615Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-23406", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-14T15:37:06.223307Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-14T15:37:07.651Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "DMG MORI Digital Co., LTD. and NXTech Co., Ltd.", "product": "Cente TCP/IPv4", "versions": [{"status": "affected", "version": "Ver.1.51 and earlier"}]}, {"vendor": "DMG MORI Digital Co., LTD. and NXTech Co., Ltd.", "product": "Cente TCP/IPv4 SNMPv2", "versions": [{"status": "affected", "version": "Ver.2.30 and earlier"}]}, {"vendor": "DMG MORI Digital Co., LTD. and NXTech Co., Ltd.", "product": "Cente TCP/IPv4 SNMPv3", "versions": [{"status": "affected", "version": "Ver.2.30 and earlier"}]}, {"vendor": "DMG MORI Digital Co., LTD. and NXTech Co., Ltd.", "product": "Cente IPv6", "versions": [{"status": "affected", "version": "Ver.1.60 and earlier"}]}, {"vendor": "DMG MORI Digital Co., LTD. and NXTech Co., Ltd.", "product": "Cente IPv6 SNMPv2", "versions": [{"status": "affected", "version": "Ver.2.30 and earlier"}]}, {"vendor": "DMG MORI Digital Co., LTD. and NXTech Co., Ltd.", "product": "Cente IPv6 SNMPv3", "versions": [{"status": "affected", "version": "Ver.2.30 and earlier"}]}], "references": [{"url": "https://www.cente.jp/obstacle/5451/"}, {"url": "https://jvn.jp/en/vu/JVNVU92227620/"}], "descriptions": [{"lang": "en", "value": "Out-of-bounds read vulnerability caused by improper checking of TCP MSS option values exists in Cente middleware TCP/IP Network Series, which may lead to processing a specially crafted packet to cause the affected product crashed."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-125", "description": "Out-of-bounds read"}]}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2025-02-14T04:24:05.055Z"}}}, "cveMetadata": {"cveId": "CVE-2025-23406", "state": "PUBLISHED", "dateUpdated": "2025-02-14T15:46:20.615Z", "dateReserved": "2025-02-04T00:50:41.527Z", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "datePublished": "2025-02-14T04:24:05.055Z", "assignerShortName": "jpcert"}, "dataVersion": "5.1"}