Remote Code Execution Vulnerability in PLCs by Leading Vendor
CVE-2025-41665

6.5MEDIUM

Key Information:

Vendor: Phoenix Contact
Status: Axc F 1152; Axc F 2152; Axc F 3152; Bpc 9102s
Vendor: CVE Published:; 8 July 2025

🔔 Create Phoenix Contact Vulnerability Alert

What is CVE-2025-41665?

A remote attacker with low privileges can exploit a vulnerability in programmable logic controllers (PLCs) by manipulating the default permissions of a configuration file. This allows the attacker to trigger a watchdog mechanism, causing the PLCs to reboot unexpectedly. Such behavior could impact operational continuity and lead to potential disruptions in automated systems.

Affected Version(s)

AXC F 1152 0 < 2025.0.2

AXC F 2152 0 < 2025.0.2

AXC F 3152 0 < 2025.0.2

References

https://certvde.com/en/advisories/VDE-2025-054

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 8, 2025
Vulnerability Reserved
Apr 16, 2025

Credit

Nozomi