JVN#42282226
Phoenix Contact CHARX SEC-3xxx vulnerable to code injection
Overview
CHARX SEC-3xxx provided by Phoenix Contact contains a code injection vulnerability.
Products Affected
- CHARX SEC-3150 Firmware versions prior to 1.7.4
- CHARX SEC-3100 Firmware versions prior to 1.7.4
- CHARX SEC-3050 Firmware versions prior to 1.7.4
- CHARX SEC-3000 Firmware versions prior to 1.7.4
Description
CHARX SEC-3xxx provided by Phoenix Contact contains the following vulnerability.
- Code injection (CWE-94)
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 8.7
- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score 8.8
- CVE-2025-41699
Impact
A low-privileged remote attacker with an account for the Web-based management can change the system configuration so that a command is executed as root (command injection), resulting in a total loss of confidentiality, integrity and availability. The root cause is improper control of generation of code ('Code Injection').
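The advisory describes the weakness class only (a configuration value submitted through Web-based management ends up executed by a root process), not the affected code. The following is an added illustration of that class, written for this page and not taken from Phoenix Contact firmware or from JPCERT/CC: a hypothetical hostname setting is shown first in the vulnerable form (value pasted into a shell command line) and then in a hardened form (allow-list validation, argv passed without a shell), with a small detection helper for logging rejected submissions. All names, the regular expression and the sample values are constructed assumptions.

```python
import re
import subprocess
from typing import Callable

# Constructed, hypothetical configuration handler; not vendor code.
# Allow-list for a single RFC 1123 style hostname label.
HOSTNAME_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")
# Characters a POSIX shell would interpret; used only for detection/logging.
SHELL_META = set(";|&$`\"'\\<>(){}\n*?~!#")


class InvalidConfig(ValueError):
    """Raised when a submitted configuration value fails validation."""


def unsafe_shell_line(hostname: str) -> str:
    """VULNERABLE pattern (illustration only).

    The web-submitted value is pasted into a shell command line. If a root
    service later hands this string to subprocess.run(..., shell=True),
    shell metacharacters in `hostname` are interpreted as further commands,
    which is the CWE-94/CWE-78 situation the advisory describes.
    """
    return f"hostname {hostname}"


def contains_shell_metachars(value: str) -> bool:
    """Detection aid: True if the value carries characters a shell interprets.

    A handler can log or alert on rejected submissions that trip this check.
    """
    return any(ch in SHELL_META for ch in value)


def validate_hostname(value: str) -> str:
    """Allow-list validation: only a plain hostname label is accepted."""
    if not HOSTNAME_RE.fullmatch(value):
        raise InvalidConfig(f"rejected hostname value: {value!r}")
    return value


def hostname_argv(value: str) -> list[str]:
    """HARDENED pattern: the validated value is one argv element, never shell text."""
    return ["hostname", validate_hostname(value)]


def apply_hostname(value: str,
                   run: Callable[..., object] = subprocess.run) -> list[str]:
    """Apply the setting without a shell.

    `run` is injectable so the logic can be exercised without changing the host.
    """
    argv = hostname_argv(value)
    run(argv, shell=False, check=True)
    return argv


if __name__ == "__main__":
    sample = "charger; id"  # constructed sample input
    print("unsafe line   :", unsafe_shell_line(sample))
    print("metachars seen:", contains_shell_metachars(sample))
    try:
        apply_hostname(sample, run=lambda *a, **k: None)
    except InvalidConfig as exc:
        print("hardened path :", exc)
    print("hardened path :", apply_hostname("charger-01", run=lambda *a, **k: None))
```

The design point is that validation alone is not the fix: even a permissive value is safe when it is passed as a single argv element with `shell=False`, and the allow-list then serves as a second layer that also gives the operator something concrete to log.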
Solution
Update the firmware
Update the firmware to the latest version according to the information provided by the developer.
Vendor Status
Vendor | Link
--- | ---
Phoenix Contact | Application Note Security (PDF)
References
- VDE CERT: VDE-2025-074: Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Ryo Kato of Panasonic Holdings Corporation reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
JVN iPedia | JVNDB-2025-000086