CVE-2025-41693

MEDIUM EPSS 34.7%
Published Dec 9, 20256mo ago · Modified Jun 17, 20261w ago
4.3 CVSS 3.1
Medium
Find Similar
Published Dec 9, 2025 6mo ago
Last Modified Jun 17, 2026 1w ago

Description

A low privileged remote attacker can use the ssh feature to execute commands directly after login. The process stays open and uses resources which leads to a reduced performance of the management functions. Switching functionality is not affected.

CVSS Details

Base Score
4.3
Exploitability
2.8
Impact
1.4
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability Low

Threat Intelligence

EPSS Exploit Probability
34.7% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-770

Affected Products 138

VendorProductVersionRange
phoenixcontactfl_switch_2708_pn_firmware* <3.50
phoenixcontactfl_switch_2708_pn*any
phoenixcontactfl_switch_2708_firmware* <3.50
phoenixcontactfl_switch_2708*any
phoenixcontactfl_switch_2608_pn_firmware* <3.50
phoenixcontactfl_switch_2608_pn*any
phoenixcontactfl_switch_2608_firmware* <3.50
phoenixcontactfl_switch_2608*any
phoenixcontactfl_switch_2516_pn_firmware* <3.50
phoenixcontactfl_switch_2516_pn*any
phoenixcontactfl_switch_2516_firmware* <3.50
phoenixcontactfl_switch_2516*any
phoenixcontactfl_switch_2514-2sfp_pn_firmware* <3.50
phoenixcontactfl_switch_2514-2sfp_pn*any
phoenixcontactfl_switch_2514-2sfp_firmware* <3.50
phoenixcontactfl_switch_2514-2sfp*any
phoenixcontactfl_switch_2512-2gc-2sfp_firmware* <3.50
phoenixcontactfl_switch_2512-2gc-2sfp*any
phoenixcontactfl_switch_2508_pn_firmware* <3.50
phoenixcontactfl_switch_2508_pn*any
phoenixcontactfl_switch_2508\/k1_firmware* <3.50
phoenixcontactfl_switch_2508\/k1*any
phoenixcontactfl_switch_2508_firmware* <3.50
phoenixcontactfl_switch_2508*any
phoenixcontactfl_switch_2506-2sfp_pn_firmware* <3.50
phoenixcontactfl_switch_2506-2sfp_pn*any
phoenixcontactfl_switch_2506-2sfp\/k1_firmware* <3.50
phoenixcontactfl_switch_2506-2sfp\/k1*any
phoenixcontactfl_switch_2506-2sfp_firmware* <3.50
phoenixcontactfl_switch_2506-2sfp*any
phoenixcontactfl_switch_2504-2gc-2sfp_firmware* <3.50
phoenixcontactfl_switch_2504-2gc-2sfp*any
phoenixcontactfl_switch_2416_pn_firmware* <3.50
phoenixcontactfl_switch_2416_pn*any
phoenixcontactfl_switch_2416_firmware* <3.50
phoenixcontactfl_switch_2416*any
phoenixcontactfl_switch_2414-2sfx_pn_firmware* <3.50
phoenixcontactfl_switch_2414-2sfx_pn*any
phoenixcontactfl_switch_2414-2sfx_firmware* <3.50
phoenixcontactfl_switch_2414-2sfx*any
phoenixcontactfl_switch_2412-2tc-2sfx_firmware* <3.50
phoenixcontactfl_switch_2412-2tc-2sfx*any
phoenixcontactfl_switch_2408_pn_firmware* <3.50
phoenixcontactfl_switch_2408_pn*any
phoenixcontactfl_switch_2408_firmware* <3.50
phoenixcontactfl_switch_2408*any
phoenixcontactfl_switch_2406-2sfx_pn_firmware* <3.50
phoenixcontactfl_switch_2406-2sfx_pn*any
phoenixcontactfl_switch_2406-2sfx_firmware* <3.50
phoenixcontactfl_switch_2406-2sfx*any
phoenixcontactfl_switch_2404-2tc-2sfx_firmware* <3.50
phoenixcontactfl_switch_2404-2tc-2sfx*any
phoenixcontactfl_switch_2316_pn_firmware* <3.50
phoenixcontactfl_switch_2316_pn*any
phoenixcontactfl_switch_2316\/k1_firmware* <3.50
phoenixcontactfl_switch_2316\/k1*any
phoenixcontactfl_switch_2316_firmware* <3.50
phoenixcontactfl_switch_2316*any
phoenixcontactfl_switch_2314-2sfp_pn_firmware* <3.50
phoenixcontactfl_switch_2314-2sfp_pn*any
phoenixcontactfl_switch_2314-2sfp_firmware* <3.50
phoenixcontactfl_switch_2314-2sfp*any
phoenixcontactfl_switch_2312-2gc-2sfp_firmware* <3.50
phoenixcontactfl_switch_2312-2gc-2sfp*any
phoenixcontactfl_switch_2308_pn_firmware* <3.50
phoenixcontactfl_switch_2308_pn*any
phoenixcontactfl_switch_2308_firmware* <3.50
phoenixcontactfl_switch_2308*any
phoenixcontactfl_switch_2306-2sfp_pn_firmware* <3.50
phoenixcontactfl_switch_2306-2sfp_pn*any
phoenixcontactfl_switch_2306-2sfp_firmware* <3.50
phoenixcontactfl_switch_2306-2sfp*any
phoenixcontactfl_switch_2304-2gc-2sfp_firmware* <3.50
phoenixcontactfl_switch_2304-2gc-2sfp*any
phoenixcontactfl_switch_2303-8sp1* <3.50
phoenixcontactfl_switch_2303-8sp1*any
phoenixcontactfl_switch_2216_pn_firmware* <3.50
phoenixcontactfl_switch_2216_pn*any
phoenixcontactfl_switch_2216_firmware* <3.50
phoenixcontactfl_switch_2216*any
phoenixcontactfl_switch_2214-2sfx_pn_firmware* <3.50
phoenixcontactfl_switch_2214-2sfx_pn*any
phoenixcontactfl_switch_2214-2sfx_firmware* <3.50
phoenixcontactfl_switch_2214-2sfx*any
phoenixcontactfl_switch_2214-2fx_sm_firmware* <3.50
phoenixcontactfl_switch_2214-2fx_sm*any
phoenixcontactfl_switch_2214-2fx_firmware* <3.50
phoenixcontactfl_switch_2214-2fx*any
phoenixcontactfl_switch_2212-2tc-2sfx_firmware* <3.50
phoenixcontactfl_switch_2212-2tc-2sfx*any
phoenixcontactfl_switch_2208c_firmware* <3.50
phoenixcontactfl_switch_2208c*any
phoenixcontactfl_switch_2208_pn_firmware* <3.50
phoenixcontactfl_switch_2208_pn*any
phoenixcontactfl_switch_2208_firmware* <3.50
phoenixcontactfl_switch_2208*any
phoenixcontactfl_switch_2207-fx_sm_firmware* <3.50
phoenixcontactfl_switch_2207-fx_sm*any
phoenixcontactfl_switch_2207-fx_firmware* <3.50
phoenixcontactfl_switch_2207-fx*any
phoenixcontactfl_switch_2206c-2fx_firmware* <3.50
phoenixcontactfl_switch_2206c-2fx*any
phoenixcontactfl_switch_2206-2sfx_pn_firmware* <3.50
phoenixcontactfl_switch_2206-2sfx_pn*any
phoenixcontactfl_switch_2206-2sfx_firmware* <3.50
phoenixcontactfl_switch_2206-2sfx*any
phoenixcontactfl_switch_2206-2fx_st_firmware* <3.50
phoenixcontactfl_switch_2206-2fx_st*any
phoenixcontactfl_switch_2206-2fx_sm_st_firmware* <3.50
phoenixcontactfl_switch_2206-2fx_sm_st*any
phoenixcontactfl_switch_2206-2fx_sm_firmware* <3.50
phoenixcontactfl_switch_2206-2fx_sm*any
phoenixcontactfl_switch_2206-2fx_firmware* <3.50
phoenixcontactfl_switch_2206-2fx*any
phoenixcontactfl_switch_2205_firmware* <3.50
phoenixcontactfl_switch_2205*any
phoenixcontactfl_switch_2204-2tc-2sfx_firmware* <3.50
phoenixcontactfl_switch_2204-2tc-2sfx*any
phoenixcontactfl_switch_2116_firmware* <3.50
phoenixcontactfl_switch_2116*any
phoenixcontactfl_switch_2108_firmware* <3.50
phoenixcontactfl_switch_2108*any
phoenixcontactfl_switch_2105_firmware* <3.50
phoenixcontactfl_switch_2105*any
phoenixcontactfl_switch_2016_firmware* <3.50
phoenixcontactfl_switch_2016*any
phoenixcontactfl_switch_2008f_firmware* <3.50
phoenixcontactfl_switch_2008f*any
phoenixcontactfl_switch_2008_firmware* <3.50
phoenixcontactfl_switch_2008*any
phoenixcontactfl_switch_2005_firmware* <3.50
phoenixcontactfl_switch_2005*any
phoenixcontactfl_nat_2304-2gc-2sfp_firmware* <3.50
phoenixcontactfl_nat_2304-2gc-2sfp*any
phoenixcontactfl_nat_2208_firmware* <3.50
phoenixcontactfl_nat_2208*any
phoenixcontactfl_nat_2008_firmware* <3.50
phoenixcontactfl_nat_2008*any

References 1

  • certvde.com https://certvde.com/de/advisories/VDE-2025-071
    Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.