CVE-2025-41665

Published: Jul 8, 2025Modified: Jul 8, 2025

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: info@cert.vde.com (Secondary)

Description

An low privileged remote attacker can enforce the watchdog of the affected devices to reboot the PLC due to incorrect default permissions of a config file.

Related CWEs

CWE-276

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

References (1)

https://certvde.com/en/advisories/VDE-2025-054

Source: info@cert.vde.com

Timeline

No history available yet.