CVE-2025-25269— Local Privilege Escalation via Unauthenticated Command Injection

CVSS 8.4 · High EPSS 0.20% · P41 Updated Jul 11, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-25269

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Local Privilege Escalation via Unauthenticated Command Injection

Source: NVD (National Vulnerability Database)

Vulnerability Description

An unauthenticated local attacker can inject a command that is subsequently executed as root, leading to a privilege escalation.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

OS命令中使用的特殊元素转义处理不恰当(OS命令注入)

Source: NVD (National Vulnerability Database)

Vulnerability Title

PHOENIX CONTACT多款产品操作系统命令注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

PHOENIX CONTACT CHARX SEC-3050等都是德国菲尼克斯电气（PHOENIX CONTACT）公司的产品。PHOENIX CONTACT CHARX SEC-3050是一个 AC 充电控制器。PHOENIX CONTACT CHARX SEC-3100是一个 AC 充电控制器。PHOENIX CONTACT CHARX SEC-3150是一款AC充电控制器。 PHOENIX CONTACT多款产品存在操作系统命令注入漏洞，该漏洞源于未经认证的本地攻击者可注入随后以root执行的命令，

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
Phoenix Contact	CHARX SEC-3150	0.0.0 ~ 1.7.3	-
Phoenix Contact	CHARX SEC-3100	0.0.0 ~ 1.7.3	-
Phoenix Contact	CHARX SEC-3050	0.0.0 ~ 1.7.3	-
Phoenix Contact	CHARX SEC-3000	0.0.0 ~ 1.7.3	-

II. Public POCs for CVE-2025-25269

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-25269

请登录查看更多情报信息。

Same Patch Batch · Phoenix Contact · 2025-07-08 · 13 CVEs total

CVE-2025-25270	9.8 CRITICAL	Remote Code Execution via Unauthenticated Configuration Manipulation
CVE-2025-41666	8.8 HIGH	Phoenix Contact: File access due to the replacement of a critical file used by the watchdo
CVE-2025-41667	8.8 HIGH	Phoenix Contact: File access due to the replacement of a critical file used by the arp-pre
CVE-2025-41668	8.8 HIGH	Phoenix Contact: File access due to the replacement of a critical file used by the service
CVE-2025-25271	8.8 HIGH	OCPP Backend Configuration via Insecure Defaults
CVE-2025-25268	8.8 HIGH	Unauthenticated Configuration Access via Exposed API Endpoint
CVE-2025-24003	8.2 HIGH	MQTT OOB Write Vulnerability in EichrechtAgents of German EV Charging Stations
CVE-2025-24005	7.8 HIGH	Local Privilege Escalation via Vulnerable SSH Script
CVE-2025-24006	7.8 HIGH	Privilege Escalation via Insecure SSH Permissions
CVE-2025-41665	6.5 MEDIUM	Phoenix Contact: DoS of the PLC due to incorrect default permissions possible
CVE-2025-24002	5.3 MEDIUM	MQTT DoS Vulnerability in German EV Charging Stations
CVE-2025-24004	5.2 MEDIUM	USB-C Buffer Overflow via Display Interface in EV Charging Stations

IV. Related Vulnerabilities

Same product: CHARX SEC-3150

Same vendor: Phoenix Contact

Same weakness: CWE-78

V. Comments for CVE-2025-25269

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-25269— Local Privilege Escalation via Unauthenticated Command Injection

I. Basic Information for CVE-2025-25269

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-25269

III. Intelligence Information for CVE-2025-25269

Same Patch Batch · Phoenix Contact · 2025-07-08 · 13 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2025-25269

Leave a comment