ID

VDE-2025-047

Published

2025-06-10 10:00 (CEST)

Last update

2025-06-02 12:57 (CEST)

Vendor(s)

AUMA Riester GmbH & Co. KG

Product(s)

Article No°    Product Name    Affected Version(s)
               AC1.2           01.01.2024 < 09.05.2025
               PROFOX          01.01.2024 < 09.05.2025

Summary

For actuators with AC.2 controls and PROFOX actuators, a configuration error affected deliveries within the period from 01.01.2024 to 09.05.2025. Despite the ordered option "L90.00 = Bluetooth always deactivated", these actuators were delivered with an activated Bluetooth module, which would allow an attacker to make use of the Bluetooth interface. The Bluetooth interface of the affected actuators can be deactivated after delivery using the standard procedures listed in the manuals.

CVE ID

CVE-2025-41657

Last Update:

June 2, 2025, noon

Weakness

Observable Behavioral Discrepancy With Equivalent Products (CWE-207)

Summary

Due to an undocumented active Bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025, fingerprinting is possible by an unauthenticated adjacent attacker.

Impact

An unexpectedly activated Bluetooth module can allow an attacker within Bluetooth range to fingerprint the device via the data it exposes over Bluetooth.

Solution

Remediation

As the Bluetooth interface is not required for normal operation, it is advisable to activate and use it only when it is actually needed, e.g. when configuring the actuator or reading diagnostic data. Under normal operating conditions, it should remain deactivated.

Reported by

CERT@VDE coordinated with AUMA Riester