Privilege Escalation Vulnerability in Vendor Product
CVE-2025-25269

8.4HIGH

Key Information:

Vendor: Phoenix Contact
Status: Charx Sec-3150; Charx Sec-3100; Charx Sec-3050; Charx Sec-3000
Vendor: CVE Published:; 8 July 2025

🔔 Create Phoenix Contact Vulnerability Alert

What is CVE-2025-25269?

A vulnerability exists that allows an unauthenticated local attacker to inject a command, which is then executed with root privileges. This could potentially allow an attacker to gain unauthorized access to sensitive data or system controls, leading to severe security implications for the affected product. It is essential for users of the affected versions to apply the recommended patches and follow best security practices to mitigate this risk.

Affected Version(s)

CHARX SEC-3000 0.0.0 < 1.7.3

CHARX SEC-3050 0.0.0 < 1.7.3

CHARX SEC-3100 0.0.0 < 1.7.3

References

https://certvde.com/de/advisories/VDE-2025-019

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 8, 2025
Vulnerability Reserved
Feb 6, 2025

Credit

HT3 Labs