CVE-2025-13901

Published: Mar 10, 2026

Modified: Mar 10, 2026

PUBLISHED

Description

CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels.

Vendor	Product	Versions
Schneider Electric	Modicon M241/M251	affected `Versions prior to 5.4.13.12`
Schneider Electric	Modicon M262	affected `Versions prior to 5.4.10.12`

Weaknesses (CWE)

CWE-404

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-069-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-069-01.pdf

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-13901

Description

Affected Products

Weaknesses (CWE)

References