
CVE-2025-3090: CWE-306 Missing Authentication for Critical Function in MB connect line mbCONNECT24

High
Tags: Vulnerability, CVE-2025-3090, CWE-306
Published: Tue Jun 24 2025 (06/24/2025, 08:05:15 UTC)
Source: CVE Database V5
Vendor/Project: MB connect line
Product: mbCONNECT24

Description

An unauthenticated remote attacker can obtain limited sensitive information and/or DoS the device due to missing authentication for critical function.

AI-Powered Analysis

Last updated: 06/24/2025, 08:24:47 UTC

Technical Analysis

CVE-2025-3090 is a high-severity vulnerability identified in the mbCONNECT24 product by MB connect line, classified under CWE-306: Missing Authentication for Critical Function. This vulnerability allows an unauthenticated remote attacker to invoke a critical function on the device without any authentication checks. As a result, the attacker can obtain limited sensitive information and/or cause a denial-of-service (DoS) condition on the affected device. The vulnerability is remotely exploitable over the network (Attack Vector: Network) with low attack complexity, requiring no privileges or user interaction. The CVSS v3.1 base score is 8.2, reflecting a high impact primarily on availability (DoS) and a limited impact on confidentiality (disclosure of some sensitive information). The vulnerability affects version 0 of mbCONNECT24, a product used for remote device management and industrial connectivity. No patches or known exploits in the wild are currently reported. The lack of authentication on critical functions indicates a fundamental security design flaw, potentially exposing industrial control systems or remote management infrastructure to disruption or information leakage.

Potential Impact

For European organizations, especially those in industrial sectors such as manufacturing, energy, and critical infrastructure, this vulnerability poses a significant risk. mbCONNECT24 is commonly used for remote monitoring and management of industrial devices, meaning exploitation could disrupt operational technology (OT) environments. The DoS impact could lead to downtime of critical systems, affecting production lines or utility services, causing financial losses and safety concerns. The limited sensitive information disclosure could aid attackers in reconnaissance for further attacks. Given the remote and unauthenticated nature of the exploit, attackers can easily target exposed devices without needing credentials or user interaction, increasing the likelihood of successful attacks. This vulnerability could also be leveraged in coordinated attacks against European industrial networks, potentially impacting supply chains and critical services.

Mitigation Recommendations

1. Immediate network-level protections: Restrict access to mbCONNECT24 devices by implementing strict firewall rules and network segmentation to limit exposure to untrusted networks, especially the internet.
2. Deploy VPNs or secure tunnels for remote access to ensure authentication and encryption at the network layer.
3. Monitor network traffic for unusual patterns or repeated access attempts targeting mbCONNECT24 devices to detect potential exploitation attempts early.
4. Engage with MB connect line for official patches or firmware updates addressing this vulnerability; if unavailable, consider temporary device isolation or replacement.
5. Implement compensating controls such as intrusion detection/prevention systems (IDS/IPS) tailored to detect exploitation attempts of this specific vulnerability.
6. Conduct thorough asset inventories to identify all mbCONNECT24 instances and prioritize remediation based on criticality.
7. Educate operational technology and IT teams about this vulnerability to ensure rapid response and incident handling.


Technical Details

Data Version: 5.1
Assigner Short Name: CERTVDE
Date Reserved: 2025-04-01T13:41:20.503Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 685a5d42dec26fc862d9446e

Added to database: 6/24/2025, 8:09:38 AM

Last enriched: 6/24/2025, 8:24:47 AM

Last updated: 8/15/2025, 7:08:51 AM

Views: 45
