CVE-2025-41647

medium

Description

A local, low-privileged attacker can learn the password of the connected controller in PLC Designer V4 due to an incorrect implementation that results in the password being displayed in plain text under special conditions.

References

https://certvde.com/en/advisories/VDE-2025-043/

Details

Source: Mitre, NVD

Published: 2025-06-25

Updated: 2025-06-26

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N