CNNVD-202510-2071 Information

CNNVD ID

CNNVD-202510-2071

Related CVE

CVE-2025-41703

• CNNVD Published: 2025-10-14

Description (Chinese)

Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP是德国菲尼克斯电气（Phoenix Contact）公司的一款工业级直流不间断电源模块。 Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP存在访问控制错误漏洞，该漏洞源于未经身份验证的攻击者可通过Modbus命令关闭UPS输出，可能导致拒绝服务。

Description (English)

Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP is an industrial-level uninterruptible direct power supply module of Phoenix Contact, Germany. Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP has an error in access control, which stems from the fact that unidentified assailants can shut down UPS exports by Modbus order, which may lead to the denial of services.

Hazard Level

Medium

Vulnerability Type

访问控制错误

Affected Vendor

菲尼克斯电气

Published

2025-10-14

Last Modified

2026-02-24

References

https://certvde.com/de/advisories/VDE-2025-072

Patch

https://www.phoenixcontact.com/global-search/search?q=QUINT4-UPS%2F24DC%2F24DC%2F10%2FEIP&_locale=zh-CN&_realm=cn