CVE-2025-0694

EUVD-2025-7368
Insufficient path validation in CODESYS Control allows low privileged attackers with physical access to gain full filesystem access.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
CERTVDECNA
6.6 MEDIUM
PHYSICAL
LOW
LOW
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
codesyscontrol_for_beaglebone_sl
𝑥
< 4.16.0.0
CNA
codesyscontrol_for_beaglebone_sl
𝑥
< 3.5.21.0
CNA
Common Weakness Enumeration
References
https://cert.vde.com/en/advisories/VDE-2025-015