Vulnerability Description
An unauthenticated remote attacker can perform a command injection via Modbus-TCP or Modbus-RTU to gain read and write access on the affected device.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Related Weaknesses (CWE)
References
- https://certvde.com/en/advisories/VDE-2025-079/
- https://certvde.com/en/advisories/VDE-2025-096/
- https://janitza.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-079.jso
- https://weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-096
FAQ
What is CVE-2025-41709?
CVE-2025-41709 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An unauthenticated remote attacker can perform a command injection via Modbus-TCP or Modbus-RTU to gain read and write access on the affected device.
How severe is CVE-2025-41709?
CVE-2025-41709 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-41709?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.