
CVE-2025-48860: CWE-284 Improper Access Control in Bosch Rexroth AG ctrlX OS - Setup

High
Tags: Vulnerability, cve, cve-2025-48860, cwe-284
Published: Thu Aug 14 2025 (08/14/2025, 09:06:36 UTC)
Source: CVE Database V5
Vendor/Project: Bosch Rexroth AG
Product: ctrlX OS - Setup

Description

A vulnerability in the web application of the ctrlX OS setup mechanism facilitated an authenticated (low privileged) attacker to gain remote access to backup archives created by a user with elevated permissions. Depending on the content of the backup archive, the attacker may have been able to access sensitive data.

AI-Powered Analysis

Last updated: 08/22/2025, 01:15:10 UTC

Technical Analysis

CVE-2025-48860 is a high-severity vulnerability (CVSS 8.0) affecting Bosch Rexroth AG's ctrlX OS - Setup web application. The flaw is categorized under CWE-284, indicating improper access control. Specifically, the vulnerability allows an authenticated attacker with low privileges to remotely access backup archives that were created by users with elevated permissions. These backup archives may contain sensitive data, potentially exposing confidential information. The vulnerability exists in multiple affected versions of the product (1.20.0, 2.6.0, and 3.6.0). Exploitation requires authentication and some user interaction, but the attack complexity is low and the vulnerability can be exploited remotely over the network. The impact on confidentiality, integrity, and availability is high, as attackers can access sensitive data and potentially manipulate or disrupt system operations. No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability is particularly concerning because ctrlX OS is used in industrial automation and control systems, where unauthorized access to backup data could lead to operational disruptions or leakage of proprietary information.
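The access-control failure described above is the classic CWE-284 shape: the backup-download handler checks that the caller is logged in but not that the caller is allowed to read that particular archive. The following Python example is added here to illustrate that pattern and its fix; it is hypothetical code written for this page, not ctrlX OS source, and the users, roles, archive identifiers and the `ARCHIVES` store are all constructed.

```python
"""Weak versus hardened authorization on a backup-archive download (illustrative only)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    name: str
    role: str          # constructed roles: "operator" (low privilege) or "admin"


@dataclass(frozen=True)
class BackupArchive:
    archive_id: str
    owner: str         # account that created the archive
    min_role: str      # lowest role allowed to read it


# Constructed sample store; in a real product this would be the backup catalogue.
ARCHIVES = {
    "bk-001": BackupArchive("bk-001", owner="alice", min_role="admin"),
    "bk-002": BackupArchive("bk-002", owner="bob", min_role="operator"),
}

ROLE_RANK = {"operator": 1, "admin": 2}


class Forbidden(Exception):
    """Raised when the caller may not read the requested archive."""


def download_backup_weak(user, archive_id):
    """Vulnerable pattern: authentication is the only check, so any logged-in
    account can fetch archives created by higher-privileged users."""
    if user is None:
        raise Forbidden("login required")
    return ARCHIVES[archive_id]


def can_read_archive(user, archive):
    """Object-level rule: the creator may read their own archive; anyone else
    needs a role at least as high as the archive's minimum role."""
    if user.name == archive.owner:
        return True
    return ROLE_RANK.get(user.role, 0) >= ROLE_RANK[archive.min_role]


def download_backup_hardened(user, archive_id):
    """Hardened pattern: authenticate, then authorize against the specific object.
    Unknown and forbidden archives both map to Forbidden so the response does
    not reveal which archive ids exist."""
    if user is None:
        raise Forbidden("login required")
    archive = ARCHIVES.get(archive_id)
    if archive is None or not can_read_archive(user, archive):
        raise Forbidden("not permitted to read this archive")
    return archive


def weak_allows(user, archive_id):
    """Helper returning True when the weak handler hands out the archive."""
    try:
        download_backup_weak(user, archive_id)
        return True
    except (Forbidden, KeyError):
        return False


def hardened_allows(user, archive_id):
    """Helper returning True when the hardened handler hands out the archive."""
    try:
        download_backup_hardened(user, archive_id)
        return True
    except Forbidden:
        return False


if __name__ == "__main__":
    bob = User("bob", "operator")
    print("weak:", weak_allows(bob, "bk-001"))          # True: low-privileged read of an admin archive
    print("hardened:", hardened_allows(bob, "bk-001"))  # False: object-level check blocks it
```

The important design choice is that authorization is evaluated per archive (owner or sufficient role), not per endpoint; an endpoint-level "is logged in" check is exactly what leaves elevated users' backups readable by low-privileged accounts.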

Potential Impact

For European organizations, especially those in manufacturing, industrial automation, and critical infrastructure sectors that utilize Bosch Rexroth's ctrlX OS, this vulnerability poses a significant risk. Unauthorized access to backup archives could lead to exposure of sensitive operational data, intellectual property, and system configurations. This could facilitate further attacks, including sabotage, espionage, or disruption of industrial processes. Given the integration of ctrlX OS in automation environments, exploitation could also impact safety systems and production continuity, leading to financial losses and reputational damage. The high severity and remote exploitation capability make it a critical concern for European companies relying on these systems.

Mitigation Recommendations

Organizations should immediately audit access controls around the ctrlX OS - Setup web application, ensuring that backup archives are protected with strict permissions and are not accessible to low-privileged users. Implement network segmentation to isolate management interfaces and restrict access to trusted personnel only. Monitor authentication logs for unusual access patterns and enforce multi-factor authentication to reduce the risk of credential compromise. Until official patches are released, consider disabling remote access to the setup web application or restricting it via firewall rules. Additionally, conduct regular backups stored securely offline to prevent unauthorized access. Engage with Bosch Rexroth for timely updates and apply patches as soon as they become available. Finally, perform security assessments and penetration testing focused on access control mechanisms within the ctrlX OS environment.
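To make the "monitor authentication logs for unusual access patterns" recommendation concrete, the Python example below is added here (not part of the original page or any Bosch Rexroth tooling) and scans a constructed access log for two defender-relevant signals: successful backup-archive downloads by accounts that are not administrators, and bursts of download attempts by one account that look like archive enumeration. The log format, paths, usernames and roles are all assumptions made for the example.

```python
"""Audit a constructed web access log for suspicious backup-archive downloads."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed log format: one request per line with key=value fields.
LOG_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) role=(?P<role>\S+) method=(?P<method>\S+) "
    r"path=(?P<path>\S+) status=(?P<status>\d{3})$"
)
# Assumed download route for backup archives (hypothetical path, not the product's own).
BACKUP_PATH_RE = re.compile(r"^/setup/backups/(?P<archive>[A-Za-z0-9_-]+)/download$")

# Constructed sample log: one admin download, then an operator pulling several archives.
SAMPLE_LOG = """\
2025-08-14T09:10:00Z user=alice role=admin method=GET path=/setup/backups/bk-001/download status=200
2025-08-14T09:11:05Z user=bob role=operator method=GET path=/setup/status status=200
2025-08-14T09:11:30Z user=bob role=operator method=GET path=/setup/backups/bk-001/download status=200
2025-08-14T09:11:41Z user=bob role=operator method=GET path=/setup/backups/bk-003/download status=404
2025-08-14T09:11:52Z user=bob role=operator method=GET path=/setup/backups/bk-002/download status=200
2025-08-14T09:12:10Z user=bob role=operator method=GET path=/setup/backups/bk-004/download status=200
2025-08-14T09:30:00Z user=carol role=operator method=GET path=/setup/backups/bk-002/download status=403
"""


def parse_line(line):
    """Return the parsed fields of one log line, or None for lines that do not match."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def find_non_admin_backup_reads(lines):
    """Successful (HTTP 200) archive downloads by accounts whose role is not admin.
    Returns (timestamp, user, archive_id) tuples in log order."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        m = BACKUP_PATH_RE.match(rec["path"])
        if m and rec["role"] != "admin" and rec["status"] == "200":
            hits.append((rec["ts"], rec["user"], m.group("archive")))
    return hits


def find_enumeration_bursts(lines, window=timedelta(seconds=60), threshold=3):
    """Users with at least `threshold` backup download attempts (any status)
    inside any sliding `window`; failed attempts count, since probing for
    archive ids produces 404s as well as 200s."""
    attempts = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec is None or not BACKUP_PATH_RE.match(rec["path"]):
            continue
        ts = datetime.fromisoformat(rec["ts"].replace("Z", "+00:00"))
        attempts[rec["user"]].append(ts)

    flagged = []
    for user, times in attempts.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:   # shrink window from the left
                start += 1
            if end - start + 1 >= threshold:
                flagged.append(user)
                break
    return flagged


if __name__ == "__main__":
    lines = SAMPLE_LOG.splitlines()
    for ts, user, archive in find_non_admin_backup_reads(lines):
        print(f"non-admin backup read: {ts} {user} {archive}")
    print("enumeration bursts:", find_enumeration_bursts(lines))
```

Both checks are cheap enough to run over a log export on a schedule; the role comparison assumes the web server records the caller's role, and where it does not, the same logic can join on a user-to-role table from the setup application.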


Technical Details

Data Version: 5.1
Assigner Short Name: bosch
Date Reserved: 2025-05-27T10:45:32.638Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 689da9bdad5a09ad00592733

Added to database: 8/14/2025, 9:17:49 AM

Last enriched: 8/22/2025, 1:15:10 AM

Last updated: 9/25/2025, 5:05:59 PM
