CVE-2025-41670 | Phoenix Contact VPLCNEXT CONTROL 500 up to 2026.0.2 uncontrolled search path (VDE-2026-050)

May 27, 2026 Yanac

A vulnerability categorized as problematic has been discovered in Phoenix Contact AXC F 1152, AXC F 1252, AXC F 2000 EA, AXC F 2152, AXC F 3152, BPC 9102S, EPC 1522, RFC 4072R, RFC 4072S, VL3 UPC 2440 EDGE, VPLCNEXT CONTROL 1000, VPLCNEXT CONTROL 2000, VPLCNEXT CONTROL 3000 and VPLCNEXT CONTROL 500 up to 2026.0.2. This impacts an unknown function. Executing a manipulation can lead to uncontrolled search path.

This vulnerability appears as CVE-2025-41670. The attack requires local access. There is no available exploit.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More