CVE-2025-41682: CWE-522 Insufficiently Protected Credentials in Bender CC612
An authenticated, low-privileged attacker can obtain credentials stored on the charge controller including the manufacturer password.
AI Analysis
Technical Summary
CVE-2025-41682 is a high-severity vulnerability (CVSS 8.8) affecting the Bender CC612 charge controller, specifically version 5.30.2. The vulnerability is classified under CWE-522, which pertains to insufficiently protected credentials. In this case, an attacker with authenticated access but low privileges can extract sensitive credentials stored on the device, including the manufacturer password. The vulnerability can be exploited remotely over the network (AV:N) with low attack complexity (AC:L); the attacker must have some level of privileges (PR:L), and no user interaction is required (UI:N). The impact is severe across confidentiality, integrity, and availability (C:H/I:H/A:H), meaning that an attacker who obtains these credentials could potentially escalate privileges, manipulate device configurations, or disrupt operations. The charge controller is a critical component in managing electrical charging systems, often used in industrial or energy infrastructure contexts. The exposure of manufacturer-level credentials could allow attackers to bypass security controls, deploy malicious firmware, or cause operational failures. No known exploits are currently reported in the wild, and no patches have been linked yet, indicating that affected organizations should prioritize mitigation and monitoring to prevent exploitation.
Potential Impact
For European organizations, the impact of this vulnerability could be significant, especially for those operating in energy production, industrial automation, or infrastructure sectors where Bender CC612 charge controllers are deployed. Compromise of these devices could lead to unauthorized control over electrical charging systems, potentially causing power disruptions, equipment damage, or safety hazards. The confidentiality breach of manufacturer credentials could enable attackers to move laterally within networks or escalate privileges, increasing the risk of broader operational technology (OT) network compromise. Given the critical nature of energy and industrial sectors in Europe, exploitation could disrupt supply chains and critical infrastructure and cause economic and safety consequences. Additionally, regulatory frameworks such as NIS2 and GDPR impose strict requirements on protecting critical infrastructure and personal data, so exploitation could also lead to compliance violations and legal repercussions.
Mitigation Recommendations
1. Immediate mitigation should include restricting authenticated access to the Bender CC612 devices to only trusted and essential personnel, and implementing strict network segmentation to isolate these controllers from general IT networks.
2. Employ strong authentication mechanisms and monitor for unusual login attempts or privilege escalations.
3. Since no patch is currently available, consider deploying compensating controls such as VPNs or jump hosts with multi-factor authentication to access the devices.
4. Conduct thorough audits of existing credentials stored on the devices and rotate any manufacturer or default passwords if possible.
5. Implement continuous monitoring and logging of device access and network traffic to detect potential exploitation attempts early.
6. Engage with Bender for updates on patches or firmware upgrades addressing this vulnerability and plan prompt deployment once available.
7. Train operational technology staff on the risks of credential exposure and enforce strict credential management policies.
8. Review and enhance incident response plans to include scenarios involving OT credential compromise.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Poland, Sweden, Finland
Technical Details
- Data Version: 5.1
- Assigner Short Name: CERTVDE
- Date Reserved: 2025-04-16T11:17:48.309Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 68be7bbdd5a2966cfc7c4f8c
Added to database: 9/8/2025, 6:46:21 AM
Last enriched: 9/8/2025, 7:01:45 AM
Last updated: 9/9/2025, 8:01:43 AM