CVE-2025-41722 HIGH

CVE-2025-41722: Sauter: Hard-coded Authentication Credentials

Vendor Sauter
Product modulo 6 devices modu680-AS
Weakness CWE-798 · Hardcoded credentials
Published October 22, 2025
Last update October 22, 2025

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

The wsc server uses a hard-coded certificate to check the authenticity of SOAP messages. An unauthenticated remote attacker can extract private keys from the Software of the affected devices.

Key dates

02Disclosure timeline

October 22, 2025 CVE published
October 22, 2025 Record updated