Description

A low-privileged remote attacker may be able to replace the boot application of the CODESYS Control runtime system, enabling unauthorized code execution.

INFO

Published Date :

2026-03-24T07:41:43.004Z

Last Modified :

2026-03-24T13:16:02.920Z

Source :

CERTVDE
AFFECTED PRODUCTS

The following products are affected by CVE-2025-41660 vulnerability.

Vendors Products
Codesys
  • Codesys Hmi (sl)
  • Control For Beaglebone Sl
  • Control For Empc-a/imx6 Sl
  • Control For Iot2000 Sl
  • Control For Linux Arm Sl
  • Control For Linux Sl
  • Control For Pfc100 Sl
  • Control For Pfc200 Sl
  • Control For Plcnext Sl
  • Control For Raspberry Pi Sl
  • Control For Wago Touch Panels 600 Sl
  • Control Rte (sl)
  • Control Rte \(for Beckhoff Cx\) Sl
  • Control Win (sl)
  • Runtime Toolkit
  • Virtual Control Sl
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-41660.

URL Resource
https://certvde.com/de/advisories/VDE-2026-011 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact