{“lastseen”:””,”description”:”A local user with low privileges may be able to influence the behavior of a privileged system service by manipulating configuration or application-related files located in user-writable areas of the filesystem. The affected service processes data from locations that are not sufficiently protected against modification by low-privileged users. As the service runs with elevated privileges, successful exploitation may result in a local privilege escalation.”,”published”:”2026-05-27T07:17:43.775Z”,”modified”:”2026-05-27T07:17:43.775Z”,”type”:”cve”,”title”:”Untrusted Search Path”,”source”:”CERTVDE”,”references”:”https:\/\/www.certvde.com\/en\/advisories\/VDE-2026-050\/”,”id”:”CVE-2025-41670″,”bulletinFamily”:””,”cwe”:[“CWE-427″],”cvelist”:null,”sourceData”:”Phoenix Contact AXC F 1152 0.0.0\\nPhoenix Contact AXC F 1252 0.0.0\\nPhoenix Contact AXC F 2000 EA 0.0.0\\nPhoenix Contact AXC F 2152 0.0.0\\nPhoenix Contact AXC F 3152 0.0.0\\nPhoenix Contact BPC 9102S 0.0.0\\nPhoenix Contact EPC 1522 0.0.0\\nPhoenix Contact RFC 4072R 0.0.0\\nPhoenix Contact RFC 4072S 0.0.0\\nPhoenix Contact VL3 UPC 2440 EDGE 0.0.0\\nPhoenix Contact VPLCNEXT CONTROL 1000 0.0.0\\nPhoenix Contact VPLCNEXT CONTROL 2000 0.0.0\\nPhoenix Contact VPLCNEXT CONTROL 3000 0.0.0\\nPhoenix Contact VPLCNEXT CONTROL 500 0.0.0″,”sourceHref”:””,”cvss”:{“score”:8.7,”severity”:”HIGH”,”vector”:”CVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:L\/UI:N\/VC:H\/VI:H\/VA:H\/SC:N\/SI:N\/SA:N”,”version”:”4.0″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”AXC F 1152″,”version”:”0.0.0″,”vendor”:”Phoenix Contact”,”ai_description”:”Untrusted search path vulnerability allowing local privilege escalation”,”ai_severity”:”High”,”ai_vendor”:”Phoenix Contact”,”ai_product”:”AXC F 1152, AXC F 1252, AXC F 2000 EA, AXC F 2152, AXC F 3152, BPC 9102S, EPC 1522, RFC 4072R, RFC 4072S, VL3 UPC 2440 EDGE, VPLCNEXT CONTROL 1000, VPLCNEXT CONTROL 2000, VPLCNEXT CONTROL 3000, VPLCNEXT CONTROL 500″,”ai_version”:”0.0.0″,”ai_score”:8.7}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”A local user with low privileges may be able to influence the behavior of a privileged system service by manipulating configuration or application-related files located…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,19,12,15,13,7,11,5],"class_list":["post-57214","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-87","tag-exploit","tag-high","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n