MEDIUM🇵🇱 Wersja polska

CVE-2025-41697

CVSS 6.8v3.1pub. 2025-12-09upd. 2025-12-19

An attacker can use an undocumented UART port on the PCB as a side-channel to get root access e.g. with the credentials obtained from CVE-2025-41692.

CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Phoenixcontact Fl Switch 2207 Fx

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Fl Switch 2207 Fx Firmware

    OS
    Phoenixcontact
    < 3.50
  • Phoenixcontact Fl Switch 2207 Fx Sm

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Fl Switch 2207 Fx Sm Firmware

    OS
    Phoenixcontact
    < 3.50
  • Phoenixcontact Fl Switch 2208

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Fl Switch 2208c

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Fl Switch 2208c Firmware

    OS
    Phoenixcontact
    < 3.50
  • Phoenixcontact Fl Switch 2208 Firmware

    OS
    Phoenixcontact
    < 3.50
  • Phoenixcontact Fl Switch 2208 Pn

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Fl Switch 2208 Pn Firmware

    OS
    Phoenixcontact
    < 3.50
  • Phoenixcontact Fl Switch 2212 2tc 2sfx

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Fl Switch 2212 2tc 2sfx Firmware

    OS
    Phoenixcontact
    < 3.50
  • Phoenixcontact Fl Switch 2214 2fx

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Fl Switch 2214 2fx Firmware

    OS
    Phoenixcontact
    < 3.50
  • Phoenixcontact Fl Switch 2214 2fx Sm

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Fl Switch 2214 2fx Sm Firmware

    OS
    Phoenixcontact
    < 3.50
  • Phoenixcontact Fl Switch 2214 2sfx

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Fl Switch 2214 2sfx Firmware

    OS
    Phoenixcontact
    < 3.50
  • Phoenixcontact Fl Switch 2214 2sfx Pn

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Fl Switch 2214 2sfx Pn Firmware

    OS
    Phoenixcontact
    < 3.50
  • Phoenixcontact Fl Switch 2216

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Fl Switch 2216 Firmware

    OS
    Phoenixcontact
    < 3.50
  • Phoenixcontact Fl Switch 2216 Pn

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Fl Switch 2216 Pn Firmware

    OS
    Phoenixcontact
    < 3.50
  • Phoenixcontact Fl Switch 2303 8sp1

    OS
    Phoenixcontact
    < 3.50
  • Phoenixcontact Fl Switch 2304 2gc 2sfp

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Fl Switch 2304 2gc 2sfp Firmware

    OS
    Phoenixcontact
    < 3.50
  • Phoenixcontact Fl Switch 2306 2sfp

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Fl Switch 2306 2sfp Firmware

    OS
    Phoenixcontact
    < 3.50
  • Phoenixcontact Fl Switch 2306 2sfp Pn

    HW
    Phoenixcontact
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-41747HIGH7.1ten sam produkt

An XSS vulnerability in pxc_vlanIntfCfg.php can be used by an unauthenticated remote attacker to trick an auth...

CVE-2025-41746HIGH7.1ten sam produkt

An XSS vulnerability in pxc_portSecCfg.php can be used by an unauthenticated remote attacker to trick an authe...

CVE-2025-41745HIGH7.1ten sam produkt

An XSS vulnerability in pxc_portCntr2.php can be used by an unauthenticated remote attacker to trick an authen...

CVE-2025-41695HIGH7.1ten sam produkt

An XSS vulnerability in dyn_conn.php can be used by an unauthenticated remote attacker to trick an authenticat...

CVE-2025-41748HIGH7.1ten sam produkt

An XSS vulnerability in pxc_Dot1xCfg.php can be used by an unauthenticated remote attacker to trick an authent...