CVE-2025-64388 is a critical vulnerability identified in Circutor's TCPRS1plus device, version 1.0.14, involving uncontrolled resource consumption (CWE-400) that leads to a denial of service (DoS) condition. The vulnerability resides in the device's web server component, which processes specific protocol requests. An attacker can send specially crafted requests without requiring authentication or user interaction, causing the device to consume excessive resources such as CPU or memory, ultimately leading to service unavailability. The CVSS 4.0 base score of 9.2 reflects the vulnerability's high severity, with network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction (UI:N). The impact on confidentiality, integrity, and availability is primarily on availability, with a high impact rating. No known exploits have been reported in the wild yet, but the vulnerability's characteristics make it a prime candidate for exploitation in denial of service attacks. The affected product, TCPRS1plus, is used in energy management and industrial environments, where availability is critical. The lack of available patches at the time of publication necessitates immediate mitigation through network segmentation and access controls. Monitoring for vendor updates and applying patches promptly once available is essential to secure affected systems.

The primary impact of CVE-2025-64388 is a denial of service that disrupts the availability of the TCPRS1plus device's web server, potentially causing operational downtime. For European organizations, especially those in critical infrastructure sectors such as energy management, industrial automation, and utilities, this can lead to significant operational disruptions, safety risks, and financial losses. The inability to access or manage the device remotely could delay incident response and maintenance activities. Given the device's role in monitoring and controlling energy systems, prolonged outages could affect power distribution and industrial processes. Additionally, attackers could leverage this vulnerability to cause cascading failures in interconnected systems. The lack of authentication and user interaction requirements lowers the barrier for exploitation, increasing the risk of widespread attacks. The impact is magnified in environments with limited redundancy or where these devices are integral to operational technology (OT) networks.

1. Immediately implement network segmentation to isolate TCPRS1plus devices from general IT networks and restrict access to trusted management hosts only. 2. Deploy firewall rules and intrusion prevention systems (IPS) to detect and block malformed or suspicious protocol requests targeting the device's web server. 3. Monitor network traffic for unusual spikes or repeated requests that could indicate exploitation attempts. 4. Engage with Circutor support channels to obtain information on patches or firmware updates addressing this vulnerability and apply them as soon as they become available. 5. Conduct regular vulnerability assessments and penetration testing focused on OT devices to identify and remediate similar issues proactively. 6. Implement strict access controls and logging on management interfaces to detect unauthorized access attempts. 7. Develop and test incident response plans specific to OT environments to minimize downtime in case of exploitation. 8. Consider deploying redundancy or failover mechanisms for critical devices to maintain availability during attacks or maintenance.