Machine Expert PROT: Improper Shutdown Leads to Denial of Service
CVE-2025-13901 Published on March 10, 2026

CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels.

NVD

Weakness Type

Improper Resource Shutdown or Release

The program does not release or incorrectly releases a resource before it is made available for re-use. When a resource is created or allocated, the developer is responsible for properly releasing the resource as well as accounting for all potential paths of expiration or invalidation, such as a set period of time or revocation.

Affected Versions

Schneider Electric Modicon M241/M251:

Version Versions prior to 5.4.13.12 is affected.

Schneider Electric Modicon M262:

Version Versions prior to 5.4.10.12 is affected.

Exploit Probability

EPSS

0.05%

Percentile

15.78%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Machine Expert PROT: Improper Shutdown Leads to Denial of ServiceCVE-2025-13901 Published on March 10, 2026

Weakness Type

Improper Resource Shutdown or Release

Affected Versions

Exploit Probability

Machine Expert PROT: Improper Shutdown Leads to Denial of Service
CVE-2025-13901 Published on March 10, 2026