CVE-2025-25270

CRITICAL

Published Jul 8, 2025 Modified Jul 11, 2025 CWE-913

Description

An unauthenticated remote attacker can alter the device configuration in a way to get remote code execution as root with specific configurations.

CVSS v3.1 Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weakness Type (CWE)

CWE-913 CWE-913

Affected Products

Vendor	Product	Versions
phoenixcontact	charx_sec-3000_firmware	< 1.7.3
phoenixcontact	charx_sec-3000	All
phoenixcontact	charx_sec-3050_firmware	< 1.7.3
phoenixcontact	charx_sec-3050	All
phoenixcontact	charx_sec-3100_firmware	< 1.7.3
phoenixcontact	charx_sec-3100	All
phoenixcontact	charx_sec-3150_firmware	< 1.7.3
phoenixcontact	charx_sec-3150	All

References

Other References

https://certvde.com/de/advisories/VDE-2025-019

Frequently Asked Questions

What is CVE-2025-25270? +

An unauthenticated remote attacker can alter the device configuration in a way to get remote code execution as root with specific configurations. It has a CVSS v3.1 base score of 9.8 (CRITICAL).

How severe is CVE-2025-25270? +

CVE-2025-25270 has a CVSS v3.1 score of 9.8 out of 10, rated CRITICAL. This is a critical vulnerability that should be patched immediately.

What products are affected by CVE-2025-25270? +

CVE-2025-25270 affects products from phoenixcontact, specifically: charx_sec-3000, charx_sec-3000_firmware, charx_sec-3050, charx_sec-3050_firmware, charx_sec-3100, charx_sec-3100_firmware, charx_sec-3150, charx_sec-3150_firmware. Check the affected products table above for specific version ranges.

How do I check if I'm vulnerable to CVE-2025-25270? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2025-13426

A vulnerability exists in Google Apigee's JavaCallout policy https://docs.apigee.com/api-platform/reference/policies/java-callout-policy that allows for remote code execution. It is possible for a …

CVE-2026-48700

An issue was discovered in all versions of PCManFM-Qt starting from 1.1.0. When a regular file's path is passed as …

CVE-2025-68613 9.9

n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain …

CVE-2024-8953 9.8

In composiohq/composio version 0.4.3, the mathematical_calculator endpoint uses the unsafe eval() function to perform mathematical operations. This can lead to …

CVE-2024-5452 9.8

A remote code execution (RCE) vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user …

CVE-2026-44336 9.6

PraisonAI is a multi-agent teams system. Prior to version 4.6.34, PraisonAI's MCP (Model Context Protocol) server (praisonai mcp serve) registers …

Quick Facts

CVSS Score: 9.8
Severity: CRITICAL
Published: Jul 8, 2025

Scan for this vulnerability

Check if your website or infrastructure is affected by CVE-2025-25270.

Website Scan Port Scan

Browse CVEs

Critical High CISA KEV ! Most likely exploited →