Remote Code Execution Vulnerability in Network Configuration Tool by Vendor
CVE-2025-41667

8.8HIGH

Key Information:

Vendor: Phoenix Contact
Status: Axc F 1152; Axc F 2152; Axc F 3152; Bpc 9102s
Vendor: CVE Published:; 8 July 2025

🔔 Create Phoenix Contact Vulnerability Alert

Badges

📰 News Worthy

What is CVE-2025-41667?

A vulnerability exists in the network configuration tool that allows a remote attacker with limited privileges to manipulate a critical file utilized by the arp-preinit script. This exploitation can grant unauthorized read, write, and execute permissions to any file on the device, potentially compromising the system's integrity and security.

Affected Version(s)

AXC F 1152 0 < 2025.0.2

AXC F 2152 0 < 2025.0.2

AXC F 3152 0 < 2025.0.2

News Articles

ameeba.com

CVE-2025-41667

CVE-2025-41667: Potential System Compromise via File Access Exploitation - Cybersecurity Exploit Tracker by Ameeba

Overview In the constantly evolving landscape of cybersecurity, vulnerabilities that allow remote attackers to gain unauthorized system access are a significant concern. The CVE-2025-41667 vulnerability is one such high-severity threat that gives attackers the potential to compromise an entire syste...

2 weeks ago

References

https://certvde.com/en/advisories/VDE-2025-054

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

📰
First article discovered by ameeba.com
Jul 25, 2025
Vulnerability published
Jul 8, 2025
Vulnerability Reserved
Apr 16, 2025

Credit

Nozomi