CVE-2025-41731

CVSS v3.1

7.4

Vector

AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Jumo variTRON300 (affected versions not specified)

Description A flaw exists in the password generation algorithm when accessing the debug interface. An unauthenticated local attacker who knows the password generation timeframe may be able to brute force the password and gain root access to the device if the debug interface remains enabled. The issue relates to insufficient entropy in the pseudorandom number generator (PRNG) used for password creation.

Recommendations Disable the debug interface to prevent exploitation. Monitor access to the debug interface for any suspicious activity.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-338

Related Identifiers

BDU:2026-00038

CVE-2025-41731

Affected Products

Jumo Varitron300

CVE-2025-41731

Weakness Enumeration

Related Identifiers

Affected Products

References · 11