Vulnerability in Codesys Control For Beaglebone Sl
CVE-2025-41659
A low-privileged attacker can remotely access the PKI folder of the CODESYS Control runtime system and thus read and write certificates and its keys. This allows sensitive data to be extracted or to accept certificates as trusted. Although…
EPSS: 0.002 (10.1th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.3 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L.
Affected products
- Codesys Control For Beaglebone Sl — versions 0.0.0.0
- Codesys Control For Empc-a/imx6 Sl — versions 0.0.0.0
- Codesys Control For Iot2000 Sl — versions 0.0.0.0
- Codesys Control For Linux Arm Sl — versions 0.0.0.0
- Codesys Control For Linux Sl — versions 0.0.0.0
- Codesys Control For Pfc100 Sl — versions 0.0.0.0
- Codesys Control For Pfc200 Sl — versions 0.0.0.0
- Codesys Control For Plcnext Sl — versions 0.0.0.0
- Codesys Control For Raspberry Pi Sl — versions 0.0.0.0
- Codesys Control For Wago Touch Panels 600 Sl — versions 0.0.0.0
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2025-41659?
- CVE-2025-41659 is a high-severity vulnerability in Codesys Control For Beaglebone Sl, classified under Incorrect Permission Assignment for Critical Resource. CVSS score: 8.3/10. Published 2025-08-04.
- How severe is CVE-2025-41659?
- High severity. CVSS v3 base score is 8.3 out of 10.