Unrated severityNVD Advisory· Published Jul 8, 2025· Updated Jul 22, 2025
OCPP Backend Configuration via Insecure Defaults
CVE-2025-25271
Description
An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface.
Affected products
4- Phoenix Contact/CHARX SEC-3000v5Range: 0.0.0
- Phoenix Contact/CHARX SEC-3050v5Range: 0.0.0
- Phoenix Contact/CHARX SEC-3100v5Range: 0.0.0
- Phoenix Contact/CHARX SEC-3150v5Range: 0.0.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.