CVE-2025-41660

CVSS v3.1

8.8

High

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A low-privileged remote attacker may be able to replace the boot application of the CODESYS Control runtime system, enabling unauthorized code execution.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-669

Related Identifiers

CVE-2025-41660

Affected Products

Codesys Control Rte

Codesys Control Rte (For Beckhoff Cx) Sl

Codesys Control Win

Codesys Control For Beaglebone

Codesys Control For Iot2000

Codesys Control For Linux Arm Sl

Codesys Control For Linux

Codesys Control For Pfc100

Codesys Control For Pfc200

Codesys Control For Plcnext

Codesys Control For Raspberry Pi

Codesys Control For Wago Touch Panels 600 Sl

Codesys Control For Empc-A/Imx6

Codesys Hmi

Codesys Runtime Toolkit

Codesys Virtual Control Sl

CVE-2025-41660

Weakness Enumeration

Related Identifiers

Affected Products

References · 2