What is CVE-2025-41697?

CVE-2025-41697 is a medium-severity vulnerability in Phoenix Contact Fl Nat 2008, classified under CWE-1299. CVSS score: 6.8/10. Published 2025-12-09.

How severe is CVE-2025-41697?

Medium severity. CVSS v3 base score is 6.8 out of 10.

Vulnerability in Phoenix Contact Fl Nat 2008

CVE-2025-41697

An attacker can use an undocumented UART port on the PCB as a side-channel to get root access e.g. with the credentials obtained from CVE-2025-41692.

EPSS: 0.000 (7.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.8 (Medium). Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Phoenix Contact Fl Nat 2008 — versions 0.0.0
Phoenix Contact Fl Nat 2208 — versions 0.0.0
Phoenix Contact Fl Nat 2304-2gc-2sfp — versions 0.0.0
Phoenix Contact Fl Switch 2005 — versions 0.0.0
Phoenix Contact Fl Switch 2008 — versions 0.0.0
Phoenix Contact Fl Switch 2008f — versions 0.0.0
Phoenix Contact Fl Switch 2016 — versions 0.0.0
Phoenix Contact Fl Switch 2105 — versions 0.0.0
Phoenix Contact Fl Switch 2108 — versions 0.0.0
Phoenix Contact Fl Switch 2116 — versions 0.0.0

Weakness classification (CWE)

CWE-1299

References

certvde.com/de/advisories/VDE-2025-071

Frequently asked questions

What is CVE-2025-41697?: CVE-2025-41697 is a medium-severity vulnerability in Phoenix Contact Fl Nat 2008, classified under CWE-1299. CVSS score: 6.8/10. Published 2025-12-09.
How severe is CVE-2025-41697?: Medium severity. CVSS v3 base score is 6.8 out of 10.