CVE-2025-41699
BaseFortify
Publication date: 2025-10-14
Last updated on: 2025-10-14
Assigner: CERT VDE
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| phoenix_contact | charx_sec-3xxx | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-41699 is a code injection vulnerability in the firmware of Phoenix Contact's CHARX SEC-3xxx series charging controllers (models CHARX SEC-3150, SEC-3100, SEC-3050, and SEC-3000) with firmware versions prior to 1.7.4. A low-privileged remote attacker who has an account on the device's web-based management interface can exploit this vulnerability to perform command injection with root privileges. This means the attacker can execute arbitrary commands as the root user, leading to a complete compromise of the device's confidentiality, integrity, and availability. [1]
How can this vulnerability impact me?
This vulnerability can lead to a total loss of confidentiality, integrity, and availability of the affected charging controllers. An attacker exploiting this flaw can gain root-level control over the device, allowing them to change system configurations, execute arbitrary commands, disrupt device operations, steal sensitive information, or cause device failure. This can severely impact the reliability and security of the charging infrastructure where these devices are deployed. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection starts with confirming whether a Phoenix Contact CHARX SEC-3xxx series charging controller (models CHARX SEC-3150, SEC-3100, SEC-3050, SEC-3000) is running an affected firmware version (prior to 1.7.4). The firmware version can be read from the device's web-based management interface, or by querying the device directly where the device supports that. Because the flaw is reached through the web-based management interface by a low-privileged account, reviewing the device's logs for unexpected commands or root-level activity that originates from such accounts can reveal exploitation attempts. Specific commands depend on the device's management capabilities; in general, checking the firmware version and reviewing logs for suspicious activity is the recommended approach. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading the firmware of affected Phoenix Contact CHARX SEC-3xxx series charging controllers to version 1.7.4, which fixes the vulnerability. Additionally, operate these devices exclusively within closed industrial networks protected by suitable firewalls to reduce exposure. Implement general security best practices for network-enabled devices as recommended by Phoenix Contact's application notes on security. [1]