VDE-2025-047

Vulnerability from csaf_aumariestergmbhcokg - Published: 2025-06-10 10:00 - Updated: 2025-06-10 10:00
Summary
AUMA: Incorrect delivery status of the Bluetooth configuration
Severity
Low
Notes
Summary: For actuators with AC.2 controls and PROFOX actuators, a wrong configuration occurred for deliveries within the period from 01.01.2024 to 09.05.2025. Despite the ordered option "L90.00 = Bluetooth always deactivated", these actuators were delivered with an activated Bluetooth module which would allow an attacker to utilize the Bluetooth interface. It is possible to deactivate the Bluetooth interface of the affected actuators after the delivery using the standard procedures listed in the manuals.
Impact: An unexpectedly activated Bluetooth module can lead to unwanted fingerprinting of the Bluetooth data by an attacker.
Remediation: As the Bluetooth interface is not required for normal operation, it is advisable to only activate it or only use it once it is needed, e.g. when configuring the actuator or reading diagnosis data. Under normal operating conditions, it should be deactivated.
General Recommendation: As the Bluetooth interface is not required for normal operation, it is advisable to only activate it or to only use it once it is needed, e.g. when configuring the actuator or reading diagnosis data. Under normal operating conditions, it should be deactivated. The configuration "Bluetooth interface = Switched off" should be verified for its desired setting.
CVE-2025-41657

Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker.

4.3 (Medium)
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE-207 - Observable Behavioral Discrepancy With Equivalent Products
Mitigation As the Bluetooth interface is not required for normal operation, it is advisable to only activate it or to only use it once it is needed, e.g. when configuring the actuator or reading diagnosis data. Under normal operating conditions, it should be deactivated. The configuration "Bluetooth interface = Switched off" should be verified for its desired setting
References
Acknowledgments
CERT@VDE certvde.com
To clipboard 

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "for coordination",
        "urls": [
          "https://certvde.com"
        ]
      }
    ],
    "aggregate_severity": {
      "text": "Low"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "For actuators with AC.2 controls and PROFOX actuators, a wrong configuration occurred for deliveries within the period from 01.01.2024 to 09.05.2025. Despite the ordered option \"L90.00 = Bluetooth always deactivated\", these actuators were delivered with an activated Bluetooth module which would allow an attacker to utilize the Bluetooth interface. It is possible to deactivate the Bluetooth interface of the affected actuators after the delivery using the standard procedures listed in the manuals.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "An unexpectedly activated Bluetooth module can lead to unwanted fingerprinting of the Bluetooth data by an attacker.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "As the Bluetooth interface is not required for normal operation, it is advisable to only activate it or only use it once it is needed, e.g. when configuring the actuator or reading diagnosis data. Under normal operating conditions, it should be deactivated.",
        "title": "Remediation"
      },
      {
        "category": "general",
        "text": "As the Bluetooth interface is not required for normal operation, it is advisable to only activate it or to only use it once it is needed, e.g. when configuring the actuator or reading  diagnosis data. Under normal operating conditions, it should be deactivated. The configuration \"Bluetooth interface = Switched off\" should be verified for its desired setting.",
        "title": "General Recommendation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@auma.com",
      "name": "AUMA Riester GmbH \u0026 Co. KG",
      "namespace": "https://auma.com"
    },
    "references": [
      {
        "category": "external",
        "summary": "PSIRT at AUMA Riester GmbH \u0026 Co. KG",
        "url": "https://www.auma.com/en_GB/service/psirt"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for AUMA",
        "url": "https://certvde.com/en/advisories/vendor/auma/"
      },
      {
        "category": "self",
        "summary": "VDE-2025-047: AUMA: Incorrect delivery status of the Bluetooth configuration - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2025-047"
      },
      {
        "category": "self",
        "summary": "VDE-2025-047: AUMA Riester: Incorrect delivery status of the Bluetooth configuration - CSAF",
        "url": "https://auma.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-047.json"
      }
    ],
    "title": "AUMA: Incorrect delivery status of the Bluetooth configuration",
    "tracking": {
      "aliases": [
        "VDE-2025-047"
      ],
      "current_release_date": "2025-06-10T10:00:00.000Z",
      "generator": {
        "date": "2025-06-02T09:05:11.065Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.24"
        }
      },
      "id": "VDE-2025-047",
      "initial_release_date": "2025-06-10T10:00:00.000Z",
      "revision_history": [
        {
          "date": "2025-06-10T10:00:00.000Z",
          "number": "1",
          "summary": "Initial revision"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "01.01.2024\u003c09.05.2025",
                    "product": {
                      "name": "AC1.2 delivered between 01.01.2024\u003c09.05.2025",
                      "product_id": "CSAFPID-11001"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "09.05.2025",
                    "product": {
                      "name": "AC1.2 delivered after 09.05.2025",
                      "product_id": "CSAFPID-12001"
                    }
                  }
                ],
                "category": "product_name",
                "name": "AC1.2"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "01.01.2024\u003c09.05.2025",
                    "product": {
                      "name": "PROFOX delivered between 01.01.2024\u003c09.05.2025",
                      "product_id": "CSAFPID-11002"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "09.05.2025",
                    "product": {
                      "name": "PROFOX delivered after 09.05.2025",
                      "product_id": "CSAFPID-12002"
                    }
                  }
                ],
                "category": "product_family",
                "name": "PROFOX"
              }
            ],
            "category": "product_name",
            "name": "Hardware"
          }
        ],
        "category": "vendor",
        "name": "AUMA Riester GmbH"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-11001",
          "CSAFPID-11002"
        ],
        "summary": "Affected Products"
      },
      {
        "group_id": "CSAFGID-0002",
        "product_ids": [
          "CSAFPID-12001",
          "CSAFPID-12002"
        ],
        "summary": "Fixed products"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-41657",
      "cwe": {
        "id": "CWE-207",
        "name": "Observable Behavioral Discrepancy With Equivalent Products"
      },
      "notes": [
        {
          "audience": "all",
          "category": "description",
          "text": "Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-12001",
          "CSAFPID-12002"
        ],
        "known_affected": [
          "CSAFPID-11001",
          "CSAFPID-11002"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "date": "2025-05-23T10:00:00.000Z",
          "details": "As the Bluetooth interface is not required for normal operation, it is advisable to only activate it or to only use it once it is needed, e.g. when configuring the actuator or reading diagnosis data. Under normal operating conditions, it should be deactivated. The configuration \"Bluetooth interface = Switched off\" should be verified for its desired setting",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "environmentalScore": 4.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 4.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-11001",
            "CSAFPID-11002"
          ]
        }
      ],
      "title": "CVE-2025-41657"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.