Remote File Access Vulnerability in Watchdog Component by Vendor
CVE-2025-41666

8.8HIGH

Key Information:

Vendor: Phoenix Contact
Status: Axc F 1152; Axc F 2152; Axc F 3152; Bpc 9102s
Vendor: CVE Published:; 8 July 2025

🔔 Create Phoenix Contact Vulnerability Alert

What is CVE-2025-41666?

This vulnerability allows a low privileged remote attacker to replace a critical file utilized by the watchdog component. Once the watchdog is initialized, the attacker can gain read, write, and execute access rights to any file on the device, thereby compromising its integrity and security.

Affected Version(s)

AXC F 1152 0 < 2025.0.2

AXC F 2152 0 < 2025.0.2

AXC F 3152 0 < 2025.0.2

References

https://certvde.com/en/advisories/VDE-2025-054

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 8, 2025
Vulnerability Reserved
Apr 16, 2025

Credit

Nozomi