CVE-2025-24003

Published: Jul 8, 2025Modified: Jul 11, 2025

8.2

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

Exploitability: 3.9 / Impact: 4.2

Source: info@cert.vde.com (Secondary)

Description

An unauthenticated remote attacker can use MQTT messages to trigger out-of-bounds writes in charging stations complying with German Calibration Law, resulting in a loss of integrity for only EichrechtAgents and potential denial-of-service for these stations.

Affected (4)

Products: Phoenixcontact: Charx Sec 3000 Firmware, Charx Sec 3050 Firmware, Charx Sec 3100 Firmware, Charx Sec 3150 Firmware

Phoenixcontact

4 products

Charx Sec 3000 Firmware

Charx Sec 3050 Firmware

Charx Sec 3100 Firmware

Charx Sec 3150 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Phoenixcontact Charx Sec 3000 Firmware	Up to 1.6.5

Running on/with	Platform Versions
Phoenixcontact Charx Sec 3000	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Phoenixcontact Charx Sec 3050 Firmware	Up to 1.6.5

Running on/with	Platform Versions
Phoenixcontact Charx Sec 3050	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Phoenixcontact Charx Sec 3100 Firmware	Up to 1.6.5

Running on/with	Platform Versions
Phoenixcontact Charx Sec 3100	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Phoenixcontact Charx Sec 3150 Firmware	Up to 1.6.5

Running on/with	Platform Versions
Phoenixcontact Charx Sec 3150	All versions

Related CWEs

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (1)

https://certvde.com/en/advisories/VDE-2025-014

Source: info@cert.vde.com

Third Party Advisory

Timeline

No history available yet.