CNNVD-202507-865 Information
CNNVD ID
CNNVD-202507-865
Related CVE
- CNNVD Published: 2025-07-08
Description (Chinese)
PHOENIX CONTACT CHARX SEC-3000等都是德国菲尼克斯电气(PHOENIX CONTACT)公司的产品。PHOENIX CONTACT CHARX SEC-3000是一个 AC 充电控制器。PHOENIX CONTACT CHARX SEC-3050是一个 AC 充电控制器。PHOENIX CONTACT CHARX SEC-3100是一个 AC 充电控制器。 PHOENIX CONTACT CHARX SEC-3xxx存在安全漏洞,该漏洞源于低权限本地攻击者可通过SSH利用受影响设备上的不安全权限,导致权限提升至root。
Description (English)
PHOENIX CONTACT CHARX SEC-3000, etc., are products of PHOENIX CONTACT, Germany. PHOENIX CONTACT CHARX SEC-3000 is an AC charge controller. PHOENIX CONTACT CHARX SEC-3050 is an AC charge controller. PHOENIX CONTACT CHARX SEC-3100 is an AC charge controller. PHOENIX CONTACT CHARX SEC-3xx has a security loophole, which stems from the fact that low-authority local assailants can use unsafe privileges on the affected equipment through SSH, leading to a rise to root.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Phoenix Site
Published
2025-07-08
Last Modified
2026-02-24
References
https://certvde.com/de/advisories/VDE-2025-014
Patch
https://www.phoenixcontact.com/en-us/
Share on: