Browse all 11 CVE security advisories affecting SAUTER. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SAUTER develops building automation and energy management systems used in commercial and industrial facilities. Historically, their products have been vulnerable to multiple remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and authentication bypasses. With 11 CVEs documented, these vulnerabilities have allowed unauthorized access to building control systems, potentially enabling manipulation of environmental settings or physical security measures. While no major public incidents have been widely reported, the consistent pattern of security flaws in legacy and current products indicates ongoing risks for organizations relying on SAUTER infrastructure without proper segmentation and patching protocols.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-41724 | Sauter: Crash via Incomplete SOAP Request — modulo 6 devices modu680-ASCWE-239 | 7.5 | High | 2025-10-22 |
| CVE-2025-41723 | Sauter: Directory Traversal in importFile SOAP Method — modulo 6 devices modu680-ASCWE-35 | 9.8 | Critical | 2025-10-22 |
| CVE-2025-41722 | Sauter: Hard-coded Authentication Credentials — modulo 6 devices modu680-ASCWE-798 | 7.5 | High | 2025-10-22 |
| CVE-2025-41721 | Sauter: Command Injection — modulo 6 devices modu680-ASCWE-77 | 2.7 | Low | 2025-10-22 |
| CVE-2025-41720 | Sauter: Arbitrary File Upload — modulo 6 devices modu680-ASCWE-646 | 4.3 | Medium | 2025-10-22 |
| CVE-2025-41719 | Sauter: Improper Validation of user-controlled data — modulo 6 devices modu680-ASCWE-1286 | 8.8 | High | 2025-10-22 |
This page lists every published CVE security advisory associated with SAUTER. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.