
CVE-2025-24006: CWE-269 Improper Privilege Management in Phoenix Contact CHARX SEC-3150

Severity: High
Published: Tue Jul 08 2025 (07/08/2025, 07:00:03 UTC)
Source: CVE Database V5
Vendor/Project: Phoenix Contact
Product: CHARX SEC-3150

Description

A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root.

AI-Powered Analysis

Last updated: 07/08/2025, 07:24:55 UTC

Technical Analysis

CVE-2025-24006 is a high-severity vulnerability affecting the Phoenix Contact CHARX SEC-3150 device, identified as an instance of CWE-269: Improper Privilege Management. This vulnerability allows a low-privileged local attacker to escalate their privileges to root by exploiting insecure permissions configured on the device's SSH service. Specifically, the issue arises from improper permission settings that permit an attacker with limited access to leverage SSH to gain full administrative control over the device. The CVSS v3.1 base score of 7.8 reflects the significant impact on confidentiality, integrity, and availability, with an attack vector requiring local access but low complexity and no user interaction. The vulnerability affects version 0.0.0 of the CHARX SEC-3150, and as of the published date, no patches or known exploits in the wild have been reported. The CHARX SEC-3150 is an industrial device used in critical infrastructure environments, making this vulnerability particularly concerning for operational technology (OT) security. Exploitation could lead to complete system compromise, unauthorized control over device functions, and potential disruption of industrial processes.

Potential Impact

For European organizations, especially those operating in industrial sectors such as energy, manufacturing, and utilities, this vulnerability poses a significant risk. The CHARX SEC-3150 is likely deployed in environments where secure and reliable operation is critical. An attacker gaining root access could manipulate device configurations, disrupt charging infrastructure operations, or pivot to other parts of the network, potentially causing widespread operational disruptions. Confidentiality breaches could expose sensitive operational data, while integrity and availability impacts could lead to safety hazards or financial losses. Given the local access requirement, insider threats or attackers who have gained initial footholds in the network could exploit this vulnerability to escalate privileges and deepen their access, complicating incident response efforts.

Mitigation Recommendations

To mitigate this vulnerability, European organizations should immediately audit and restrict SSH permissions on all CHARX SEC-3150 devices, ensuring that only trusted administrators have access. Network segmentation should be enforced to limit local access to these devices, reducing the attack surface. Implementing strict access control policies, including multi-factor authentication for SSH access where possible, will further reduce risk. Monitoring and logging SSH access attempts can help detect suspicious activities early. Since no patches are currently available, organizations should engage with Phoenix Contact for updates and consider temporary compensating controls such as disabling SSH access if operationally feasible. Additionally, conducting regular security assessments and penetration tests on OT environments will help identify and remediate privilege escalation vectors proactively.


Technical Details

Data Version: 5.1
Assigner Short Name: CERTVDE
Date Reserved: 2025-01-16T15:48:36.250Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 686cc4256f40f0eb72f24267

Added to database: 7/8/2025, 7:09:25 AM

Last enriched: 7/8/2025, 7:24:55 AM

Last updated: 8/13/2025, 6:37:35 AM
