CVE-2025-41726 — HIGH (8.8)

Vulnerability Description

A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Related Weaknesses (CWE)

CWE-190

References

https://certvde.com/de/advisories/VDE-2025-092

FAQ

What is CVE-2025-41726?

CVE-2025-41726 is a vulnerability with a CVSS score of 8.8 (HIGH). A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then...

How severe is CVE-2025-41726?

CVE-2025-41726 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-41726?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.