PT-2026-3546 · Beckhoff Automation · TwinCAT 3 HMI Server

Published: 2026-01-20 · Updated: 2026-01-20 · CVE-2025-41768

CVSS v3.1: 5.5 (Medium)

Vector: AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: TwinCAT 3 HMI Server (affected versions not specified)

Description: An authenticated administrator can inject arbitrary content into the custom CSS field within TwinCAT 3 HMI Server. This injected content is saved on the device and subsequently returned through the login page and error page. The issue involves the ability to modify the visual presentation of these pages, potentially leading to phishing or other malicious activities.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Weakness Enumeration

Related Identifiers

CVE-2025-41768

Affected Products

TwinCAT 3 HMI Server