Beckhoff: Arbitrary code execution within privileged processes_CVE-2025-41726

8.8 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes.

Basic Information

ID CVE-2025-41726

Source CERTVDE

Published Jan 27, 2026 at 11:35

Affected Product

Vendor Beckhoff Automation

Product Beckhoff.Device.Manager.XAR

Version 0.0.0

Affected Versions Beckhoff Automation Beckhoff.Device.Manager.XAR 0.0.0
Beckhoff Automation MDP software package for TwinCAT/BSD 0.0.0
Beckhoff Automation MDP for Beckhoff RT Linux(R) 0.0.0

CWE Classification

CWE-190

References

certvde.com /de/advisories/VDE-2025-092

{
    "lastseen": "",
    "description": "A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes.",
    "published": "2026-01-27T11:35:37.391Z",
    "modified": "2026-01-27T11:35:37.391Z",
    "type": "cve",
    "title": "Beckhoff: Arbitrary code execution within privileged processes",
    "source": "CERTVDE",
    "references": "https://certvde.com/de/advisories/VDE-2025-092",
    "id": "CVE-2025-41726",
    "bulletinFamily": "",
    "cwe": [
        "CWE-190"
    ],
    "cvelist": null,
    "sourceData": "Beckhoff Automation Beckhoff.Device.Manager.XAR 0.0.0\nBeckhoff Automation MDP software package for TwinCAT/BSD 0.0.0\nBeckhoff Automation MDP for Beckhoff RT Linux(R) 0.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Beckhoff.Device.Manager.XAR",
    "version": "0.0.0",
    "vendor": "Beckhoff Automation",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}