CVE-2025-41731

Name of the Vulnerable Software and Affected Versions Jumo variTRON300 (affected versions not specified)

Description A flaw exists in the password generation algorithm when accessing the debug interface. An unauthenticated local attacker who knows the password generation timeframe may be able to brute force the password and gain root access to the device if the debug interface remains enabled. The issue relates to insufficient entropy in the pseudorandom number generator (PRNG) used for password creation.

Recommendations Disable the debug interface to prevent exploitation. Monitor access to the debug interface for any suspicious activity.