CVE-2025-10151 Malicious TCP/IP thread locking leads into diverse malfunctions

Improper locking vulnerability in Softing Industrial Automation GmbH gateways allows infected memory and/or resource leak exposure.

This issue affects

smartLink HW-PN: from 1.02 through 1.03

smartLink HW-DP: 1.31

Problem:

CWE-667 Improper Locking CWE-667

Impact:

CAPEC-456 Infected Memory CAPEC-456
CAPEC-131 Resource Leak Exposure CAPEC-131

Product Status:

ProductAffected
Softing Industrial Automation GmbH smartLink HW-PN

Default status is affected		from 1.02 through 1.03
Softing Industrial Automation GmbH smartLink HW-DP

Default status is unaffected		 through 1.31

Solution:

This issue is fixed in

smartLink HW-PN: 1.04

smartLink HW-DP: 1.32

References

https//industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-10151.html x_html
https//industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-10151.json x_json