Details of VAR-202507-2460

ID

VAR-202507-2460

CVE

CVE-2025-41676

TITLE

MB CONNECT LINE mbNET.mini resource management error vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-21145

DESCRIPTION

A high privileged remote attacker can exhaust critical system resources by sending specifically crafted POST requests to the send-sms action in fast succession. MB CONNECT LINE's mbNET.mini is an industrial router designed for industrial scenarios, primarily used to enable secure remote connections between machines and systems. MB CONNECT LINE's mbNET.mini contains a resource management error vulnerability. Detailed vulnerability details are not currently available

Trust: 1.44

sources: NVD: CVE-2025-41676 // CNVD: CNVD-2025-21145

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-21145

AFFECTED PRODUCTS

vendor:

model:

connect line mbnet.mini

scope:

version:

2.3.3

Trust: 0.6

sources: CNVD: CNVD-2025-21145

CVSS

SEVERITY

CVSSV2

CVSSV3

info@cert.vde.com:	CVE-2025-41676
value:	MEDIUM
Trust: 1.0
CNVD:	CNVD-2025-21145
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2025-21145
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:N/AC:L/AU:M/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	MULTIPLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.4
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

info@cert.vde.com:	CVE-2025-41676
baseSeverity:	MEDIUM
baseScore:	4.9
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.2
impactScore:	3.6
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2025-21145 // NVD: CVE-2025-41676

PROBLEMTYPE DATA

problemtype:

CWE-400

Trust: 1.0

sources: NVD: CVE-2025-41676

PATCH

title:

Patch for MB CONNECT LINE mbNET.mini resource management error vulnerability

url:

https://www.cnvd.org.cn/patchInfo/show/731051

Trust: 0.6

sources: CNVD: CNVD-2025-21145

EXTERNAL IDS

db:	NVD	id:	CVE-2025-41676	Trust: 1.6
db:	CERT@VDE	id:	VDE-2025-058	Trust: 1.6
db:	CNVD	id:	CNVD-2025-21145	Trust: 0.6

sources: CNVD: CNVD-2025-21145 // NVD: CVE-2025-41676

REFERENCES

url:

https://certvde.com/de/advisories/vde-2025-058

Trust: 1.6

sources: CNVD: CNVD-2025-21145 // NVD: CVE-2025-41676

SOURCES

db:	CNVD	id:	CNVD-2025-21145
db:	NVD	id:	CVE-2025-41676

LAST UPDATE DATE

2025-09-13T23:14:03.999000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-21145	date:	2025-09-12T00:00:00
db:	NVD	id:	CVE-2025-41676	date:	2025-07-22T13:06:07.260

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-21145	date:	2025-09-11T00:00:00
db:	NVD	id:	CVE-2025-41676	date:	2025-07-21T10:15:24.680