Local Privilege Escalation Vulnerability in Affected System Service by Vendor Company
CVE-2025-41670

8.7HIGH

Key Information:

Vendor: Phoenix Contact
Status: Axc F 1152; Axc F 1252; Axc F 2000 Ea; Axc F 2152
Vendor: CVE Published:; 27 May 2026

🔔 Create Phoenix Contact Vulnerability Alert

What is CVE-2025-41670?

An attacker with limited access can manipulate configuration or other application-related files in writable filesystem areas, potentially affecting the behavior of a high-privilege system service. Since this service operates with elevated privileges, successful manipulation could allow the attacker to escalate their privileges locally, compromising the security of the system.

Affected Version(s)

AXC F 1152 0.0.0 < 2026.0.3

AXC F 1252 0.0.0 < 2026.0.3

AXC F 2000 EA 0.0.0 < 2026.0.3

References

https://www.certvde.com/en/advisories/VDE-2026-050/

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 27, 2026
Vulnerability Reserved
Apr 16, 2025

Credit

Diego Giubertoni from Nozomi

CVE-2025-41670 Data

JSON