CVE-2025-41727

CVSS Score & Metrics

Base Score

7.8 / 10

Vector String

                                        CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H                                    

Vulnerability Description

A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access.

Vulnerability Details

Published Date

January 27, 2026

Last Modified

January 27, 2026

CWE ID

CWE-420

Source

NVD

Vendor

Beckhoff Automation

Product

Beckhoff.Device.Manager.XAR, MDP software package for TwinCAT/BSD, MDP for Beckhoff RT Linux(R)

External References

https://certvde.com/de/advisories/VDE-2025-092

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment