CNNVD-202507-867 Information

CNNVD ID

CNNVD-202507-867

Related CVE

CVE-2025-25270

• CNNVD Published: 2025-07-08

Description (Chinese)

PHOENIX CONTACT CHARX SEC-3050等都是德国菲尼克斯电气（PHOENIX CONTACT）公司的产品。PHOENIX CONTACT CHARX SEC-3050是一个 AC 充电控制器。PHOENIX CONTACT CHARX SEC-3100是一个 AC 充电控制器。PHOENIX CONTACT CHARX SEC-3150是一款AC充电控制器。 PHOENIX CONTACT多款产品存在安全漏洞，该漏洞源于未经认证的远程攻击者可修改设备配置，在特定配置下以root身份执行远程代码。以下产品及版本受到影响：PHOENIX CONTACT CHARX SEC-3150、PHOENIX CONTACT CHARX SEC-3100和PHOENIX CONTACT CHARX SEC-3050

Description (English)

PHOENIX CONTACT CHARX SEC-3050 and others are products of PHOENIX CONTACT, Germany. PHOENIX CONTACT CHARX SEC-3050 is an AC charge controller. PHOENIX CONTACT CHARX SEC-3100 is an AC charge controller. PHOENIX CONTACT CHARX SEC-3150 is an AC charge controller. PHOENIX CONTACT has a safety gap in its multiple products, which stems from the fact that uncertified long-range assailants can modify the equipment configuration to implement remote code as root under a specific configuration. The following products and versions have been affected: PHOENIX CONTACH SEC-3150, PHOENIX CONTACT CHARX SEC-3100 and PHOENIX CONTACT CHARX SEC-3050

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Phoenix Site

Published

2025-07-08

Last Modified

2026-02-24

References

https://certvde.com/de/advisories/VDE-2025-019

Patch

https://www.phoenixcontact.com/en-us/