Arbitrary Command Execution Vulnerability in Engineering Tools by CERTVDE
CVE-2025-41701

7.8HIGH

Key Information:

Vendor: Beckhoff
Status: Te1000 | Twincat 3 Enineering
Vendor: CVE Published:; 9 September 2025

What is CVE-2025-41701?

An arbitrary command execution vulnerability exists within CERTVDE engineering tools, enabling an unauthenticated attacker to exploit the system by convincing a local user to open a specially crafted project file. This action can lead to the execution of arbitrary commands in the context of the user, posing significant security risks. Users are strongly advised to exercise caution when handling unfamiliar project files and ensure their systems are updated to the latest versions to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

TE1000 | TwinCAT 3 Enineering 0 < 3.1.4024.67

References

https://certvde.com/en/advisories/VDE-2025-075

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Sep 9, 2025
Vulnerability Reserved
Apr 16, 2025

Credit

Peter Cheng

ELEX FEIGONG RESEARCH INSTITUTE of Elex CyberSecurity, Inc.

JSON

Beckhoff

What is CVE-2025-41701?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.