CVE-2025-41727
Unknown Unknown - Not Provided
Authentication Bypass in Device Manager Enables Privilege Escalation

Publication date: 2026-01-27

Last updated on: 2026-01-27

Assigner: CERT VDE

Description
A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-27
Last Modified
2026-01-27
Generated
2026-06-16
AI Q&A
2026-01-27
EPSS Evaluated
2026-06-15
NVD
CVE-2025-41727
EUVD
EUVD-2025-206408
Affected Vendors & Products
Showing 6 associated CPEs
Vendor Product Version / Range
beckhoff device_manager 2.5.3
beckhoff mdp 1.7.0.0
beckhoff mdp_bhf 0.0.5-1
beckhoff device_manager to 2.5.3 (exc)
beckhoff mdp to 1.7.0.0 (exc)
beckhoff mdp_bhf to 0.0.5-1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-420 The product protects a primary channel, but it does not use the same level of protection for an alternate channel.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability allows a local user with low privileges on Beckhoff Device Manager to bypass the authentication mechanism of its user interface. By doing so, the attacker can send commands to a privileged process that executes them with administrator-level privileges, effectively escalating their access rights on the system. [1]

Impact Analysis

The vulnerability can lead to local privilege escalation, allowing an attacker with low privileges to gain administrator access. This can result in unauthorized execution of commands with high privileges, compromising the confidentiality, integrity, and availability of the affected system. [1]

Detection Guidance

The vulnerability allows a local low-privileged user to bypass authentication and execute commands with elevated privileges via the Device Manager user interface. Detection involves monitoring for unauthorized command executions or privilege escalations on affected Beckhoff Device Manager components. Specific detection commands are not provided in the available resources. [1]

Mitigation Strategies

Immediate mitigation steps include updating the affected Beckhoff software packages to the fixed versions: Beckhoff.Device.Manager.XAR tcpkg package version 2.5.3 or later, MDP software package for TwinCAT/BSD version 1.7.0.0 or later, and mdp-bhf software package for Beckhoff RT Linux(R) version 0.0.5-1 or later. [1]

Compliance Impact

This vulnerability allows a local low privileged attacker to bypass authentication and gain administrator access, which can lead to unauthorized access to sensitive data and system controls. Such unauthorized access and potential data compromise could negatively impact compliance with standards and regulations like GDPR and HIPAA that require strict access controls and protection of sensitive information. Therefore, if exploited, this vulnerability could result in non-compliance with these regulations due to breaches in confidentiality, integrity, and availability of data. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-41727. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart