CVE-2025-41670
Untrusted Search Path
CVSS Score
7.8
EPSS Score
0.0%
EPSS Percentile
0th
A local user with low privileges may be able to influence the behavior of a privileged system service by manipulating configuration or application-related files located in user-writable areas of the filesystem. The affected service processes data from locations that are not sufficiently protected against modification by low-privileged users. As the service runs with elevated privileges, successful exploitation may result in a local privilege escalation.
| CWE | CWE-427 |
| Vendor | phoenix contact |
| Product | axc f 1152 |
| Published | May 27, 2026 |
| Last Updated | May 27, 2026 |
Stay Ahead of the Next One
Get instant alerts for phoenix contact axc f 1152
Be the first to know when new high vulnerabilities affecting phoenix contact axc f 1152 are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected Versions
Phoenix Contact / AXC F 1152
0.0.0 < 2026.0.3
Phoenix Contact / AXC F 1252
0.0.0 < 2026.0.3
Phoenix Contact / AXC F 2000 EA
0.0.0 < 2026.0.3
Phoenix Contact / AXC F 2152
0.0.0 < 2026.0.3
Phoenix Contact / AXC F 3152
0.0.0 < 2026.0.3
Phoenix Contact / BPC 9102S
0.0.0 < 2026.0.3
Phoenix Contact / EPC 1522
0.0.0 < 2026.0.3
Phoenix Contact / RFC 4072R
0.0.0 < 2026.0.3
Phoenix Contact / RFC 4072S
0.0.0 < 2026.0.3
Phoenix Contact / VL3 UPC 2440 EDGE
0.0.0 < 2026.0.3
Phoenix Contact / VPLCNEXT CONTROL 1000
0.0.0 < 2026.0.3
Phoenix Contact / VPLCNEXT CONTROL 2000
0.0.0 < 2026.0.3
Phoenix Contact / VPLCNEXT CONTROL 3000
0.0.0 < 2026.0.3
Phoenix Contact / VPLCNEXT CONTROL 500
0.0.0 < 2026.0.3
References
Credits
Diego Giubertoni from Nozomi