CVE-2025-41667
BaseFortify
Publication date: 2025-07-08
Last updated on: 2025-07-08
Assigner: CERT VDE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| phoenix_contact | plcnext_firmware | 2025.0.2 |
| phoenix_contact | plcnext_engineer | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-59 | The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability allows a low privileged remote attacker who has file access to replace a critical file used by the arp-preinit script. By doing so, the attacker can gain read, write, and execute access to any file on the affected device. The root cause is improper handling of symbolic links before file access, which enables unauthorized file manipulation and potentially full system compromise. [1]
How can this vulnerability impact me? :
Exploiting this vulnerability can lead to unauthorized read, write, and execution access to any file on the device. This compromises the confidentiality, integrity, and availability of the system, potentially allowing an attacker to manipulate critical files, disrupt system operations, or take full control of the device. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to update the affected devices to firmware version 2025.0.2 or later. Additionally, always use the latest PLCnext Engineer software to maintain security and protect against this and related vulnerabilities. [1]