Medium severity5.3NVD Advisory· Published Apr 23, 2025· Updated Apr 15, 2026

CVE-2025-2595

Description

An unauthenticated remote attacker can bypass the user management in CODESYS Visualization and read visualization template files or static elements by means of forced browsing.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

certvde.com/en/advisories/VDE-2025-027nvd

News mentions

ABB AC500 V3 Multiple Vulnerabilities
CISA Alerts

cvss	0.345
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000