{ "containers": { "cna": { "affected": [ { "defaultStatus": "affected", "product": "smartLink HW-PN", "vendor": "Softing Industrial Automation GmbH", "versions": [ { "lessThanOrEqual": "1.03", "status": "affected", "version": "1.02", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "smartLink HW-DP", "vendor": "Softing Industrial Automation GmbH", "versions": [ { "lessThanOrEqual": "1.31", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Improper locking vulnerability in Softing Industrial Automation GmbH gateways allows infected memory and/or resource leak exposure.

This issue affects

smartLink HW-PN: from 1.02 through 1.03

smartLink HW-DP: 1.31

" } ], "value": "Improper locking vulnerability in Softing Industrial Automation GmbH gateways allows infected memory and/or resource leak exposure.This issue affects\n\nsmartLink HW-PN: from 1.02 through 1.03\n\nsmartLink HW-DP: 1.31" } ], "impacts": [ { "capecId": "CAPEC-456", "descriptions": [ { "lang": "en", "value": "CAPEC-456 Infected Memory" } ] }, { "capecId": "CAPEC-131", "descriptions": [ { "lang": "en", "value": "CAPEC-131 Resource Leak Exposure" } ] } ], "metrics": [ { "cvssV4_0": { "Automatable": "YES", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 7.2, "baseSeverity": "HIGH", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L/AU:Y/R:U/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "MODERATE" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-667", "description": "CWE-667 Improper Locking", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "orgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd" }, "references": [ { "tags": [ "x_html" ], "url": "https://https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-10151.html" }, { "tags": [ "x_json" ], "url": "https://https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-10151.json" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "

This issue is fixed in

smartLink HW-PN: 1.04

smartLink HW-DP: 1.32

" } ], "value": "This issue is fixed in\n\nsmartLink HW-PN: 1.04\n\nsmartLink HW-DP: 1.32" } ], "source": { "discovery": "INTERNAL" }, "title": "Malicious TCP/IP thread locking leads into diverse malfunctions", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "10de8ef9-5c89-4b17-8228-e97b74acf4bd", "cveId": "CVE-2025-10151", "requesterUserId": "00000000-0000-4000-9000-000000000000", "serial": 1, "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }