CVE-2025-48862
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-48862
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Ambiguous wording in the web interface of the ctrlX OS setup mechanism could lead the user to believe that the backup file is encrypted when a password is set. However, only the private key - if available in the backup - is encrypted, while the backup file itself remains unencrypted.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用未维护的第三方组件
Source: NVD (National Vulnerability Database)
Vulnerability Title
BOSCH ctrlX OS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
BOSCH ctrlX OS是德国BOSCH公司的一个基于Linux的实时操作系统。 BOSCH ctrlX OS存在安全漏洞,该漏洞源于备份文件加密描述不明确,可能导致用户误解备份文件加密状态。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Bosch Rexroth AG | ctrlX OS - Setup | 1.20.0 ~ 1.20.1 | - |
II. Public POCs for CVE-2025-48862
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-48862
请登录查看更多情报信息。
Same Patch Batch · Bosch Rexroth AG · 2025-08-14 · 3 CVEs total
| CVE-2025-48860 | 8.0 HIGH | Bosch Rexroth ctrlX OS 安全漏洞 |
| CVE-2025-48861 | 5.3 MEDIUM | BOSCH ctrlX OS 安全漏洞 |
IV. Related Vulnerabilities
Same weakness: CWE-1104
- CVE-2026-41468
Beghelli Sicuro24 SicuroWeb AngularJS Sandbox Escape via Tem - CVE-2025-55277
HCL Aftermarket DPC is affected by Use of Vulnerable/Outdate - CVE-2025-12104
Incorrect Content-Type Header - CVE-2025-52658
HCL MyXalytics is affected by the use of vulnerable/outdated - CVE-2025-34192
Vasion Print (formerly PrinterLogic) Usage of Outdated and U
V. Comments for CVE-2025-48862
No comments yet