CVE-2025-41697

Home/CVE/An attacker can use an undocumented UART port on the PCB as a side-channel to get root access e.g. with the credentia

CVE

An attacker can use an undocumented UART port on the PCB as a side-channel to get root access e.g. with the credentia

An attacker can use an undocumented UART port on the PCB as a side-channel to get root access e.g. with the credentials obtained from CVE-2025-41692.

MEDIUM · CVSS 6.8 EPSS 0.00026

Monitor

No active-exploitation, high-EPSS, or public-exploit signals - routine patching cadence

Sigma rules0 YARA rules0

⬡

Weakness Classification

CWE-1299Missing Protection Mechanism for Alternate Hardware Interface

▤

Affected Products & Versions

phoenixcontact fl switch 2708 pn firmware< 3.50
phoenixcontact fl switch 2708 firmware< 3.50
phoenixcontact fl switch 2608 pn firmware< 3.50
phoenixcontact fl switch 2608 firmware< 3.50
phoenixcontact fl switch 2516 pn firmware< 3.50
phoenixcontact fl switch 2516 firmware< 3.50
phoenixcontact fl switch 2514-2sfp pn firmware< 3.50
phoenixcontact fl switch 2514-2sfp firmware< 3.50
Show all 60 affected productsphoenixcontact fl switch 2512-2gc-2sfp firmware< 3.50
phoenixcontact fl switch 2508 pn firmware< 3.50
phoenixcontact fl switch 2508\/k1 firmware< 3.50
phoenixcontact fl switch 2508 firmware< 3.50
phoenixcontact fl switch 2506-2sfp pn firmware< 3.50
phoenixcontact fl switch 2506-2sfp\/k1 firmware< 3.50
phoenixcontact fl switch 2506-2sfp firmware< 3.50
phoenixcontact fl switch 2504-2gc-2sfp firmware< 3.50
phoenixcontact fl switch 2416 pn firmware< 3.50
phoenixcontact fl switch 2416 firmware< 3.50
phoenixcontact fl switch 2414-2sfx pn firmware< 3.50
phoenixcontact fl switch 2414-2sfx firmware< 3.50
phoenixcontact fl switch 2412-2tc-2sfx firmware< 3.50
phoenixcontact fl switch 2408 pn firmware< 3.50
phoenixcontact fl switch 2408 firmware< 3.50
phoenixcontact fl switch 2406-2sfx pn firmware< 3.50
phoenixcontact fl switch 2406-2sfx firmware< 3.50
phoenixcontact fl switch 2404-2tc-2sfx firmware< 3.50
phoenixcontact fl switch 2316 pn firmware< 3.50
phoenixcontact fl switch 2316\/k1 firmware< 3.50
phoenixcontact fl switch 2316 firmware< 3.50
phoenixcontact fl switch 2314-2sfp pn firmware< 3.50
phoenixcontact fl switch 2314-2sfp firmware< 3.50
phoenixcontact fl switch 2312-2gc-2sfp firmware< 3.50
phoenixcontact fl switch 2308 pn firmware< 3.50
phoenixcontact fl switch 2308 firmware< 3.50
phoenixcontact fl switch 2306-2sfp pn firmware< 3.50
phoenixcontact fl switch 2306-2sfp firmware< 3.50
phoenixcontact fl switch 2304-2gc-2sfp firmware< 3.50
phoenixcontact fl switch 2303-8sp1< 3.50
phoenixcontact fl switch 2216 pn firmware< 3.50
phoenixcontact fl switch 2216 firmware< 3.50
phoenixcontact fl switch 2214-2sfx pn firmware< 3.50
phoenixcontact fl switch 2214-2sfx firmware< 3.50
phoenixcontact fl switch 2214-2fx sm firmware< 3.50
phoenixcontact fl switch 2214-2fx firmware< 3.50
phoenixcontact fl switch 2212-2tc-2sfx firmware< 3.50
phoenixcontact fl switch 2208c firmware< 3.50
phoenixcontact fl switch 2208 pn firmware< 3.50
phoenixcontact fl switch 2208 firmware< 3.50
phoenixcontact fl switch 2207-fx sm firmware< 3.50
phoenixcontact fl switch 2207-fx firmware< 3.50
phoenixcontact fl switch 2206c-2fx firmware< 3.50
phoenixcontact fl switch 2206-2sfx pn firmware< 3.50
phoenixcontact fl switch 2206-2sfx firmware< 3.50
phoenixcontact fl switch 2206-2fx st firmware< 3.50
phoenixcontact fl switch 2206-2fx sm st firmware< 3.50
phoenixcontact fl switch 2206-2fx sm firmware< 3.50
phoenixcontact fl switch 2206-2fx firmware< 3.50
phoenixcontact fl switch 2205 firmware< 3.50
phoenixcontact fl switch 2204-2tc-2sfx firmware< 3.50
phoenixcontact fl switch 2116 firmware< 3.50

▣

Scoring & Timeline

6.8

MEDIUM · CVSS v3.1 · info@cert.vde.com

View on NVD

Attack Vector

Network Adjacent Local Physical

Attack Complexity

Low High

Privileges Required

None Low High

User Interaction

None Required

Scope

Unchanged Changed

Confidentiality

None Low High

Integrity

None Low High

Availability

None Low High

Published to NVD09 Dec 2025 · 04:17 PM

CVSS VectorCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC triage · cisa-vulnrichment

Exploitation

none

Automatable

Technical impact

total

SSVC asks the questions that actually drive patch urgency: is it being exploited, can attacks be automated, and how total is the impact.

🔗

References & Sources

Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.

https://certvde.com/de/advisories/VDE-2025-071Third Party Advisory

Intelligence Graph · click any node to traverse

CVETechnique ActorTool Family

drag to reposition · click any node to traverse · button top-right enlarges

External lookups - second-class, for what we don’t hold ourselves

NVD CVE.org CISA Vulners Exploit-DB GitHub PoC VulnCheck KEV GreyNoise

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin