MB connect line: Sandbox escape in mbNET's LUA interpreter

VDE-2025-065

Last update

31.07.2025 12:00

Published at

31.07.2025 12:00

Vendor(s)

MB connect line GmbH

External ID

VDE-2025-065

CSAF Document

Download

Summary

An authenticated remote attacker can exploit an undocumented method to escape the LUA sandbox in mbNET devices, enabling the execution of arbitrary operating system commands and leading to full system compromise.

Impact

This vulnerability allows an authenticated remote attacker to fully compromise the system by executing arbitrary OS commands.

Affected Product(s)

Model no.	Product name	Affected versions
	MB connect line mbNET HW1	Firmware <=5.1.11
	MB connect line mbNET/mbNET.rokey	Firmware <7.3.0

Vulnerabilities

Expand / Collapse all

Published

24.09.2025 12:42

Severity

7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Weakness

Improper Isolation or Compartmentalization (CWE-653)

Summary

A high privileged remote attacker can execute arbitrary OS commands using an undocumented method allowing to escape the implemented LUA sandbox.

References

cve.org | nvd.nist.gov

Remediation

Update mbNET/mbNET.rokey to at least version 7.3.0\
Note: mbNET HW1 is EOL and will not receive any further updates.

Acknowledgments

MB connect line GmbH thanks the following parties for their efforts:

CERT@VDE for coordination (see https://certvde.com )
Marcel Rick-Cen for reporting

Revision History

Version	Date	Summary
1	31.07.2025 12:00	Initial revision.

MB connect line: Sandbox escape in mbNET's LUA interpreter

Summary

Impact

Affected Product(s)

Vulnerabilities

CVE-2025-41688 7.2

Remediation

Acknowledgments

Revision History