CVE-2025-41703
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-14
Last updated on: 2025-11-03
Assigner: CERT VDE
Description
Description
An unauthenticated remote attacker can cause a Denial of Service by turning off the output of the UPS via Modbus command.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| phoenix_contact | quint4_ups | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability allows an unauthenticated remote attacker to cause a Denial of Service (DoS) by sending a Modbus command that turns off the output of the UPS (Uninterruptible Power Supply).
How can this vulnerability impact me? :
The impact of this vulnerability is a Denial of Service, meaning the UPS output can be turned off remotely without authentication, potentially causing power loss to connected devices and disruption of services.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70