CVE-2025-64388: CWE-400 Uncontrolled Resource Consumption in Circutor TCPRS1plus
Denial of service of the web server through specific requests to this protocol
AI Analysis
Technical Summary
CVE-2025-64388 is a critical denial-of-service vulnerability affecting Circutor's TCPRS1plus device, specifically version 1.0.14. It arises from uncontrolled resource consumption (CWE-400) triggered by specially crafted requests sent to the device's web server protocol. An attacker can exploit it remotely over the network without any authentication or user interaction. The attack causes the device to consume excessive resources, such as CPU or memory, leading to a crash or unresponsiveness of the web server component and denying service to legitimate users.
The CVSS 4.0 vector indicates no privileges required (PR:N), no user interaction (UI:N), and no confidentiality or integrity impact, but a high availability impact (VA:H). The primary risk is therefore operational disruption rather than data compromise. No patches or fixes have been released at the time of publication, and no active exploits are reported, but the critical severity score (9.2) highlights the urgency for mitigation.
The device is typically deployed in industrial and energy management environments, where availability is crucial. The lack of authentication and the ease of triggering the vulnerability increase the attack surface significantly. Organizations should monitor network traffic for anomalous requests targeting the TCPRS1plus web server and implement network segmentation and filtering to limit exposure. Close coordination with Circutor for updates and patches is essential to remediate the vulnerability once a fix is available.
Potential Impact
The primary impact of CVE-2025-64388 is a denial of service condition that disrupts the availability of the TCPRS1plus device's web server. For European organizations, especially those in critical infrastructure sectors such as energy management, industrial automation, and utilities where Circutor products are deployed, this can lead to operational outages, loss of monitoring and control capabilities, and potential cascading effects on broader systems. The inability to access or manage the device remotely could delay incident response and maintenance activities. Since the vulnerability does not affect confidentiality or integrity, data breaches are less likely; however, the operational impact can be severe, potentially affecting service continuity and safety. The ease of exploitation without authentication increases the risk of widespread attacks, including from opportunistic threat actors. This could also impact compliance with European regulations on critical infrastructure resilience and operational security. The lack of patches at present means organizations must rely on compensating controls to mitigate risk until a fix is available.
Mitigation Recommendations
1. Implement network-level filtering to restrict access to the TCPRS1plus web server interface, allowing only trusted management networks or IP addresses.
2. Deploy rate limiting and anomaly detection on network devices to identify and block suspicious request patterns targeting the vulnerable protocol.
3. Segment the network to isolate the TCPRS1plus devices from general enterprise networks and the internet to reduce exposure.
4. Monitor device logs and network traffic for signs of resource exhaustion or unusual request volumes indicative of exploitation attempts.
5. Engage with Circutor support channels to obtain information on patches or firmware updates addressing this vulnerability and plan timely deployment once available.
6. Develop and test incident response procedures specific to device unavailability scenarios to minimize operational impact.
7. Consider temporarily disabling or restricting the vulnerable web server functionality if feasible without disrupting critical operations.
8. Maintain up-to-date asset inventories to identify all affected devices and prioritize mitigation efforts accordingly.
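The following is an added example, not part of the original advisory, showing how recommendations 1, 2 and 4 can be checked against flow records: it flags connections to inventoried devices from outside the management network and per-source bursts inside a sliding window. The device addresses, management subnet, web port 80, thresholds and the flow-record format are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from ipaddress import ip_address, ip_network

# Every value here is constructed for illustration (assumption, not from the advisory).
DEVICES = {ip_address("10.20.0.15"), ip_address("10.20.0.16")}  # inventoried TCPRS1plus units
MGMT_NETS = [ip_network("10.99.0.0/24")]                        # trusted management network
WEB_PORT = 80     # assumed port of the device web server
WINDOW_S = 10     # sliding window length in seconds
MAX_REQ = 20      # connections allowed per source and device inside one window

# Constructed flow records, sorted by time: "epoch_seconds src dst dport"
SAMPLE_FLOWS = (
    ["1000 10.99.0.5 10.20.0.15 80",
     "1004 10.99.0.5 10.20.0.15 80",
     "1006 192.168.7.44 10.20.0.16 80",   # source outside the management network
     "1007 10.99.0.5 10.30.0.1 80"]       # destination is not an inventoried device
    + [f"{1010 + i // 5} 10.99.0.9 10.20.0.15 80" for i in range(30)]  # 30 in 6 s
)

def analyze(flows):
    """Return alerts as (kind, src, dst, timestamp), one per kind/src/dst."""
    alerts = []
    recent = defaultdict(deque)   # (src, dst) -> timestamps still inside the window
    seen = set()                  # suppress repeats of the same alert
    for line in flows:
        ts_s, src_s, dst_s, port_s = line.split()
        ts, src, dst = int(ts_s), ip_address(src_s), ip_address(dst_s)
        if dst not in DEVICES or int(port_s) != WEB_PORT:
            continue              # not traffic to a device web server
        if not any(src in net for net in MGMT_NETS):
            kind = "untrusted_source"       # should have been filtered (item 1)
        else:
            q = recent[(src_s, dst_s)]
            q.append(ts)
            while q[0] <= ts - WINDOW_S:    # drop timestamps that left the window
                q.popleft()
            if len(q) <= MAX_REQ:
                continue
            kind = "request_burst"          # unusual request volume (items 2 and 4)
        key = (kind, src_s, dst_s)
        if key not in seen:
            seen.add(key)
            alerts.append(key + (ts,))
    return alerts

if __name__ == "__main__":
    for alert in analyze(SAMPLE_FLOWS):
        print(alert)
```

A burst alert from an address inside the management network is still worth investigating, since a compromised or misconfigured management host can exhaust the device as readily as an outside source.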
Affected Countries
Spain, Germany, France, Italy, United Kingdom, Netherlands
Technical Details
- Data Version: 5.2
- Assigner Short Name: S21sec
- Date Reserved: 2025-10-31T13:13:35.299Z
- Cvss Version: 4.0
- State: PUBLISHED
Threat ID: 6904c7b38ec00889be3656e7
Added to database: 10/31/2025, 2:29:07 PM
Last enriched: 10/31/2025, 2:29:48 PM
Last updated: 10/31/2025, 8:07:59 PM