Unrated severityNVD Advisory· Published Jul 8, 2025· Updated Jul 8, 2025
Remote Code Execution via Unauthenticated Configuration Manipulation
CVE-2025-25270
Description
An unauthenticated remote attacker can alter the device configuration in a way to get remote code execution as root with specific configurations.
Affected products
4- Phoenix Contact/CHARX SEC-3000v5Range: 0.0.0
- Phoenix Contact/CHARX SEC-3050v5Range: 0.0.0
- Phoenix Contact/CHARX SEC-3100v5Range: 0.0.0
- Phoenix Contact/CHARX SEC-3150v5Range: 0.0.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.