Details of VAR-202507-2455

ID

VAR-202507-2455

CVE

CVE-2025-41679

TITLE

MB CONNECT LINE mbNET.mini buffer overflow vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-21147

DESCRIPTION

An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service. MB CONNECT LINE's mbNET.mini is an industrial router designed specifically for industrial scenarios, primarily used to enable secure remote connections between machines and systems. MB CONNECT LINE's mbNET.mini contains a buffer overflow vulnerability. This vulnerability occurs due to a boundary error when processing untrusted input

Trust: 1.44

sources: NVD: CVE-2025-41679 // CNVD: CNVD-2025-21147

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-21147

AFFECTED PRODUCTS

vendor:

model:

connect line mbnet.mini

scope:

version:

2.3.3

Trust: 0.6

sources: CNVD: CNVD-2025-21147

CVSS

SEVERITY

CVSSV2

CVSSV3

info@cert.vde.com:	CVE-2025-41679
value:	MEDIUM
Trust: 1.0
CNVD:	CNVD-2025-21147
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2025-21147
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

info@cert.vde.com:	CVE-2025-41679
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2025-21147 // NVD: CVE-2025-41679

PROBLEMTYPE DATA

problemtype:

CWE-787

Trust: 1.0

sources: NVD: CVE-2025-41679

PATCH

title:

Patch for MB CONNECT LINE mbNET.mini buffer overflow vulnerability

url:

https://www.cnvd.org.cn/patchInfo/show/731061

Trust: 0.6

sources: CNVD: CNVD-2025-21147

EXTERNAL IDS

db:	CERT@VDE	id:	VDE-2025-058	Trust: 1.6
db:	NVD	id:	CVE-2025-41679	Trust: 1.6
db:	CNVD	id:	CNVD-2025-21147	Trust: 0.6

sources: CNVD: CNVD-2025-21147 // NVD: CVE-2025-41679

REFERENCES

url:

https://certvde.com/de/advisories/vde-2025-058

Trust: 1.6

sources: CNVD: CNVD-2025-21147 // NVD: CVE-2025-41679

SOURCES

db:	CNVD	id:	CNVD-2025-21147
db:	NVD	id:	CVE-2025-41679

LAST UPDATE DATE

2025-09-13T23:14:04.084000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-21147	date:	2025-09-12T00:00:00
db:	NVD	id:	CVE-2025-41679	date:	2025-07-22T13:06:07.260

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-21147	date:	2025-09-11T00:00:00
db:	NVD	id:	CVE-2025-41679	date:	2025-07-21T10:15:25.133