CVE-2025-41659
CODESYS Control PKI Exposure Enables Remote Certificate Access
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.3EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
04 Aug 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A low-privileged attacker can remotely access the PKI folder of the CODESYS Control runtime system and thus read and write certificates and its keys. This allows sensitive data to be extracted or to accept certificates as trusted. Although all services remain available, only unencrypted communication is possible if the certificates are deleted.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Affected products
CODESYS · Control for BeagleBone SLCODESYS · Control for emPC-A/iMX6 SLCODESYS · Control for IOT2000 SLCODESYS · Control for Linux ARM SLCODESYS · Control for Linux SLCODESYS · Control for PFC100 SLCODESYS · Control for PFC200 SLCODESYS · Control for PLCnext SLCODESYS · Control for Raspberry Pi SLCODESYS · Control for WAGO Touch Panels 600 SLCODESYS · Control RTE (for Beckhoff CX) SLCODESYS · Control RTE (SL)CODESYS · Control Win (SL)CODESYS · HMI (SL)CODESYS · Runtime ToolkitCODESYS · Virtual Control SLWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →