Impact
The ugw-logread method fails to validate user-supplied file paths, allowing a remote attacker with user privileges to read any file on the device's local filesystem. Because the read is not confined to the intended log directory, the attacker can retrieve configuration files, stored credentials and other confidential data; the direct impact is to confidentiality, and any credentials recovered this way can be reused to extend the compromise. The vulnerability is a classic case of CWE-22: path traversal leading to arbitrary file read.
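The pattern behind a log-read path traversal, as an added illustration that is not code from the MBS firmware or from this advisory: the flawed reader joins the caller's name onto the log directory and opens the result, so `../` components and absolute paths walk out of the directory; the hardened reader canonicalises the path first and refuses anything whose canonical form does not sit under the canonical log directory, which also catches symlinks planted inside the log directory. The sandbox directories, file names and the "admin_password" content are constructed for the demo and do not correspond to real device paths or credentials; `logread_vulnerable` and `logread_hardened` are hypothetical names, not the actual ugw-logread implementation.

```python
import os
import tempfile


def make_sandbox():
    """Build a constructed stand-in for the device filesystem (not real MBS firmware paths):
    <root>/logs holds the only file the log reader should expose, <root>/secret holds data
    that must stay out of reach."""
    root = tempfile.mkdtemp(prefix="ugw-demo-")
    logs = os.path.join(root, "logs")
    secret = os.path.join(root, "secret")
    os.makedirs(logs)
    os.makedirs(secret)
    with open(os.path.join(logs, "system.log"), "w") as f:
        f.write("2024-01-01 00:00:00 boot ok\n")
    with open(os.path.join(secret, "config.txt"), "w") as f:
        f.write("admin_password=hunter2\n")  # constructed value, not a real credential
    return root


def logread_vulnerable(log_dir, name):
    """Hypothetical reconstruction of the flawed pattern (CWE-22): the caller-supplied name
    is joined to the log directory and opened with no validation. os.path.join discards
    log_dir entirely when name is absolute, and '..' components walk out of it."""
    with open(os.path.join(log_dir, name)) as f:
        return f.read()


def logread_hardened(log_dir, name):
    """Resolve the requested path to its canonical form (symlinks and '..' collapsed) and
    refuse anything that does not stay inside the canonical log directory."""
    base = os.path.realpath(log_dir)
    candidate = os.path.realpath(os.path.join(base, name))
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError("path escapes log directory: %r" % name)
    with open(candidate) as f:
        return f.read()


def run_demo():
    """Exercise both readers against relative traversal, an absolute path and a symlink,
    and report which inputs leaked the secret and which the hardened reader blocked."""
    root = make_sandbox()
    logs = os.path.join(root, "logs")
    secret_file = os.path.join(root, "secret", "config.txt")
    attempts = ["../secret/config.txt", secret_file]  # relative traversal, absolute path
    # A symlink inside the log directory that points at the secret; skipped where the
    # platform does not allow creating symlinks.
    try:
        os.symlink(secret_file, os.path.join(logs, "latest.log"))
        attempts.append("latest.log")
    except (OSError, NotImplementedError):
        pass

    result = {
        "legit": logread_hardened(logs, "system.log"),
        "vulnerable_leaks": [],
        "hardened_blocks": [],
    }
    for name in attempts:
        if "admin_password" in logread_vulnerable(logs, name):
            result["vulnerable_leaks"].append(name)
        try:
            logread_hardened(logs, name)
        except ValueError:
            result["hardened_blocks"].append(name)
    return result


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(key, value)
```

The check compares canonical paths rather than scanning the input for `..`, because string filters miss absolute paths, encoded separators and symlinks; resolving with `realpath` and then testing containment with `commonpath` handles all three in one step.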
Affected Systems
The flaw affects a range of embedded firmware products from MBS, including Double‑A Profibus firmware, Double‑A x‑link firmware, Double‑X CAN, Double‑X DALI, Double‑X KNX, Double‑X LON, Double‑X M‑Bus, Double‑X PROFINET, Double‑X x‑link, Single‑A firmware, Single‑X firmware, Triple‑X KNX+DALI, Triple‑X KNX+LON, Triple‑X KNX+M‑Bus, Triple‑X PROFINET+DALI, Triple‑X PROFINET+KNX, Triple‑X PROFINET+LON, and Triple‑X PROFINET+M‑Bus firmware.
Risk and Exploitability
A CVSS score of 8.7 rates the flaw as high severity. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires an authenticated account with user privileges; the method is presumably reachable over the device's network management interface, although the advisory does not state the exact exposure. No public exploit or proof of concept is known, so practical exploitability hinges on obtaining valid user credentials, which are generally easier to come by than administrative ones. Given the severity and the sensitivity of the data reachable through an arbitrary file read, the overall risk remains significant.
OpenCVE Enrichment