{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Andrea Palanca"
        ],
        "organization": "Nozomi Networks",
        "summary": "These vulnerabilities have been uncovered and disclosed responsibly by Andrea Palanca from Nozomi Networks. We thank him for making a responsible disclosure with us."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "With respect to Directive (EU) 2019/770 and Directive (EU) 2019/771 and their national transposition laws, please note:\n\nIt is your responsibility to download and/or install any security updates provided by us, for example to maintain product or data security. If you fail to install a security update provided to you within a reasonable period of time, we will not be liable for any product defect solely due to the absence of such security update.\n\nAlternatively, we are entitled to directly download and/or install security updates regardless of your settings. In these cases, we will provide you with the relevant information, e.g. in this security advisory. ",
        "title": "Security Update Information"
      },
      {
        "category": "summary",
        "text": "The base ctrlX OS apps Device Admin and Solutions contain multiple vulnerabilities. In a worst case scenario, a remote authenticated (low-privileged) attacker might be able to execute arbitrary OS commands running with higher privileges. The vulnerabilities have been uncovered and disclosed responsibly by Nozomi. We thank them for making a responsible disclosure with us. ",
        "title": "Summary"
      },
      {
        "text": "The vulnerabilities affected by CVE-2025-24338, CVE-2025-24340, CVE-2025-24341, CVE-2025-24343, CVE-2025-24345, CVE-2025-24346, CVE-2025-24347, CVE-2025-24348, CVE-2025-24349, CVE-2025-24350, CVE-2025-24351, and CVE-2025-27352 cannot be exploited remotely without prior authentication. To exploit the vulnerabilities, an attacker must be logged in on the device and must be permitted to use at least one of the affected functionalities on the device. Therefore, only assign permissions following the \"Least-Privilege\" principle. Additionally, ensure that strong password policies are enforced for all user accounts. The default password policies of ctrlX OS are considered sufficiently strong.",
        "category": "general",
        "title": "Additional mitigation remarks"
      },
      {
        "text": "Vulnerability classification has been performed using the CVSS v3.1 scoring system. The CVSS environmental score is specific to each customer’s environment and should be defined by the customer to attain a final scoring.",
        "title": "CVSS Scoring",
        "category": "general"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@bosch.com",
      "name": "Robert Bosch GmbH",
      "namespace": "https://psirt.bosch.com/"
    },
    "references": [
      {
        "category": "self",
        "summary": "Bosch Security Advisories",
        "url": "https://psirt.bosch.com/security-advisories"
      },
      {
        "category": "self",
        "summary": "Bosch Rexroth Advisories",
        "url": "https://www.boschrexroth.com/en/dc/product-security/security-advisories/"
      }
    ],
    "title": "BOSCH-SA-640452",
    "tracking": {
      "generator": {
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.24"
        },
        "date": "2025-04-24T15:04:16.805Z"
      },
      "id": "BOSCH-SA-640452",
      "initial_release_date": "2025-04-25T06:00:00.000Z",
      "revision_history": [
        {
          "date": "2025-04-25T10:00:00.000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "Initial Publication"
        }
      ],
      "status": "final",
      "version": "1",
      "current_release_date": "2025-04-25T06:00:00.000Z"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:device_admin/>=1.12.0|<=1.12.9",
                "product": {
                  "name": "Bosch Rexroth Bosch Rexroth AG ctrlX OS  vers:device_admin/>=1.12.0|<=1.12.9",
                  "product_id": "CSAFPID-0001"
                }
              },
              {
                "name": "vers:device_admin/>=1.20.0|<=1.20.7",
                "category": "product_version_range",
                "product": {
                  "name": "Bosch Rexroth Bosch Rexroth AG ctrlX OS  vers:device_admin/>=1.20.0|<=1.20.7",
                  "product_id": "CSAFPID-0002"
                }
              },
              {
                "name": "vers:device_admin/>=2.6.0|<=2.6.8",
                "category": "product_version_range",
                "product": {
                  "name": "Bosch Rexroth Bosch Rexroth AG ctrlX OS  vers:device_admin/>=2.6.0|<=2.6.8",
                  "product_id": "CSAFPID-0003"
                }
              },
              {
                "name": "v2.6.0",
                "category": "product_version",
                "product": {
                  "name": "Bosch Rexroth Bosch Rexroth AG ctrlX OS  v2.6.0",
                  "product_id": "CSAFPID-0009"
                }
              },
              {
                "name": "vers:solutions/>=1.12.0|<=1.12.1",
                "category": "product_version_range",
                "product": {
                  "name": "Bosch Rexroth Bosch Rexroth AG ctrlX OS  vers:device_admin/>=1.12.0|<=1.12.1",
                  "product_id": "CSAFPID-0010"
                }
              },
              {
                "name": "vers:solutions/>=1.20.0|<=1.20.1",
                "category": "product_version_range",
                "product": {
                  "name": "Bosch Rexroth Bosch Rexroth AG ctrlX OS  vers:solutions/>=1.20.0|<=1.20.1",
                  "product_id": "CSAFPID-0011"
                }
              }
            ],
            "category": "product_name",
            "name": "Bosch Rexroth AG ctrlX OS "
          }
        ],
        "category": "vendor",
        "name": "Bosch Rexroth"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-24338",
      "cwe": {
        "id": "CWE-116",
        "name": "Improper Encoding or Escaping of Output"
      },
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to execute arbitrary client-side code in the context of another user’s browser via multiple crafted HTTP requests."
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0009",
          "CSAFPID-0010",
          "CSAFPID-0011"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Updated versions of the affected components are available for all LTS releases. The user is strongly recommended to update to the latest versions. The update of the apps might require a reboot of the device and the device will therefore temporarily become unavailable. To verify that the updated versions are installed, please check the version by using the package management of the device. ",
          "product_ids": [
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1",
            "temporalScore": 7.1,
            "temporalSeverity": "HIGH",
            "environmentalScore": 7.1,
            "environmentalSeverity": "HIGH",
            "attackVector": "NETWORK",
            "attackComplexity": "HIGH",
            "privilegesRequired": "LOW",
            "userInteraction": "REQUIRED",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "availabilityImpact": "HIGH"
          },
          "products": [
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2025-24339",
      "cwe": {
        "id": "CWE-644",
        "name": "Improper Neutralization of HTTP Headers for Scripting Syntax"
      },
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the web application of ctrlX OS allows a remote unauthenticated attacker to conduct various attacks against users of the vulnerable system, including web cache poisoning or Man-in-the-Middle (MitM), via a crafted HTTP request. "
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Updated versions of the affected components are available for all LTS releases. The user is strongly recommended to update to the latest versions. The update of the apps might require a reboot of the device and the device will therefore temporarily become unavailable. To verify that the updated versions are installed, please check the version by using the package management of the device. ",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Make sure that all links are verified before clicking them, and always access ctrlX OS using the secure https address only.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "temporalScore": 5,
            "temporalSeverity": "MEDIUM",
            "environmentalScore": 5,
            "environmentalSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "HIGH",
            "privilegesRequired": "NONE",
            "userInteraction": "REQUIRED",
            "scope": "UNCHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "availabilityImpact": "LOW"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2025-24340",
      "cwe": {
        "id": "CWE-916",
        "name": "Use of Password Hash With Insufficient Computational Effort"
      },
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the users configuration file of ctrlX OS may allow a remote authenticated (low-privileged) attacker to recover the plaintext passwords of other users. "
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Updated versions of the affected components are available for all LTS releases. The user is strongly recommended to update to the latest versions. The update of the apps might require a reboot of the device and the device will therefore temporarily become unavailable. To verify that the updated versions are installed, please check the version by using the package management of the device. ",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "availabilityImpact": "NONE"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2025-24341",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "text": "A vulnerability in the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to induce a Denial-of-Service (DoS) condition on the device via multiple crafted HTTP requests. In the worst case, a full power cycle is needed to regain control of the device. ",
          "category": "description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Updated versions of the affected components are available for all LTS releases. The user is strongly recommended to update to the latest versions. The update of the apps might require a reboot of the device and the device will therefore temporarily become unavailable. To verify that the updated versions are installed, please check the version by using the package management of the device. ",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "availabilityImpact": "HIGH"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2025-24342",
      "cwe": {
        "id": "CWE-204",
        "name": "Observable Response Discrepancy"
      },
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the login functionality of the web application of ctrlX OS allows a remote unauthenticated attacker to guess valid usernames via multiple crafted HTTP requests. "
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Updated versions of the affected components are available for all LTS releases. The user is strongly recommended to update to the latest versions. The update of the apps might require a reboot of the device and the device will therefore temporarily become unavailable. To verify that the updated versions are installed, please check the version by using the package management of the device. ",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Make sure that strong password policies are set for all user accounts, so that even when an attacker is able to determine that a specific account exists, brute-forcing the password is not feasible.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "temporalScore": 5.3,
            "temporalSeverity": "MEDIUM",
            "environmentalScore": 5.3,
            "environmentalSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "availabilityImpact": "NONE"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2025-24343",
      "cwe": {
        "id": "CWE-23",
        "name": "Relative Path Traversal"
      },
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary files in arbitrary file system paths via a crafted HTTP request. "
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0009",
          "CSAFPID-0010",
          "CSAFPID-0011"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Updated versions of the affected components are available for all LTS releases. The user is strongly recommended to update to the latest versions. The update of the apps might require a reboot of the device and the device will therefore temporarily become unavailable. To verify that the updated versions are installed, please check the version by using the package management of the device. ",
          "product_ids": [
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "temporalScore": 5.4,
            "temporalSeverity": "MEDIUM",
            "environmentalScore": 5.4,
            "environmentalSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "availabilityImpact": "LOW"
          },
          "products": [
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2025-24344",
      "cwe": {
        "id": "CWE-81",
        "name": "Improper Neutralization of Script in an Error Message Web Page"
      },
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the error notification messages of the web application of ctrlX OS allows a remote unauthenticated attacker to inject arbitrary HTML tags and, possibly, execute arbitrary client-side code in the context of another user’s browser via a crafted HTTP request."
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0009",
          "CSAFPID-0010",
          "CSAFPID-0011"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Updated versions of the affected components are available for all LTS releases. The user is strongly recommended to update to the latest versions. The update of the apps might require a reboot of the device and the device will therefore temporarily become unavailable. To verify that the updated versions are installed, please check the version by using the package management of the device. ",
          "product_ids": [
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011"
          ]
        },
        {
          "category": "mitigation",
          "details": "Make sure that artefacts come from a trustworthy source before uploading them to ctrlX OS.",
          "product_ids": [
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "temporalScore": 6.3,
            "temporalSeverity": "MEDIUM",
            "environmentalScore": 6.3,
            "environmentalSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "REQUIRED",
            "scope": "UNCHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "availabilityImpact": "LOW"
          },
          "products": [
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2025-24345",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the “Hosts” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to manipulate the “hosts” file in an unintended manner via a crafted HTTP request. "
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "details": "Updated versions of the affected components are available for all LTS releases. The user is strongly recommended to update to the latest versions. The update of the apps might require a reboot of the device and the device will therefore temporarily become unavailable. To verify that the updated versions are installed, please check the version by using the package management of the device. ",
          "category": "mitigation",
          "product_ids": [
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "temporalScore": 6.3,
            "temporalSeverity": "MEDIUM",
            "environmentalScore": 6.3,
            "environmentalSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "availabilityImpact": "LOW"
          },
          "products": [
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2025-24346",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the “Proxy” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to manipulate the “/etc/environment” file via a crafted HTTP request."
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Updated versions of the affected components are available for all LTS releases. The user is strongly recommended to update to the latest versions. The update of the apps might require a reboot of the device and the device will therefore temporarily become unavailable. To verify that the updated versions are installed, please check the version by using the package management of the device. ",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "attackVector": "NETWORK",
            "attackComplexity": "HIGH",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "availabilityImpact": "HIGH"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2025-24347",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to manipulate the network configuration file via a crafted HTTP request. "
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "details": "Updated versions of the affected components are available for all LTS releases. The user is strongly recommended to update to the latest versions. The update of the apps might require a reboot of the device and the device will therefore temporarily become unavailable. To verify that the updated versions are installed, please check the version by using the package management of the device. ",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "category": "mitigation"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "availabilityImpact": "HIGH"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2025-24348",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to manipulate the wireless network configuration file via a crafted HTTP request."
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Updated versions of the affected components are available for all LTS releases. The user is strongly recommended to update to the latest versions. The update of the apps might require a reboot of the device and the device will therefore temporarily become unavailable. To verify that the updated versions are installed, please check the version by using the package management of the device. ",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "temporalScore": 5.4,
            "temporalSeverity": "MEDIUM",
            "environmentalScore": 5.4,
            "environmentalSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "availabilityImpact": "LOW"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2025-24349",
      "cwe": {
        "id": "CWE-183",
        "name": "Permissive List of Allowed Inputs"
      },
      "notes": [
        {
          "text": "A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to delete the configuration of physical network interfaces via a crafted HTTP request.",
          "category": "description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Updated versions of the affected components are available for all LTS releases. The user is strongly recommended to update to the latest versions. The update of the apps might require a reboot of the device and the device will therefore temporarily become unavailable. To verify that the updated versions are installed, please check the version by using the package management of the device. ",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "temporalScore": 7.1,
            "temporalSeverity": "HIGH",
            "environmentalScore": 7.1,
            "environmentalSeverity": "HIGH",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "availabilityImpact": "HIGH"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2025-24350",
      "cwe": {
        "id": "CWE-23",
        "name": "Relative Path Traversal"
      },
      "notes": [
        {
          "text": "A vulnerability in the “Certificates and Keys” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary certificates in arbitrary file system paths via a crafted HTTP request. ",
          "category": "description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "details": "Updated versions of the affected components are available for all LTS releases. The user is strongly recommended to update to the latest versions. The update of the apps might require a reboot of the device and the device will therefore temporarily become unavailable. To verify that the updated versions are installed, please check the version by using the package management of the device. ",
          "category": "mitigation",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "temporalScore": 7.1,
            "temporalSeverity": "HIGH",
            "environmentalScore": 7.1,
            "environmentalSeverity": "HIGH",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "availabilityImpact": "HIGH"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2025-24351",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"
      },
      "notes": [
        {
          "text": "A vulnerability in the “Remote Logging” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to execute arbitrary OS commands in the context of user “root” via a crafted HTTP request.",
          "category": "description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "details": "Updated versions of the affected components are available for all LTS releases. The user is strongly recommended to update to the latest versions. The update of the apps might require a reboot of the device and the device will therefore temporarily become unavailable. To verify that the updated versions are installed, please check the version by using the package management of the device. ",
          "category": "mitigation",
          "product_ids": [
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "temporalScore": 8.8,
            "temporalSeverity": "HIGH",
            "environmentalScore": 8.8,
            "environmentalSeverity": "HIGH",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "availabilityImpact": "HIGH"
          },
          "products": [
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2025-27532",
      "cwe": {
        "id": "CWE-312",
        "name": "Cleartext Storage of Sensitive Information"
      },
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the “Backup & Restore” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to access secret information via multiple crafted HTTP requests."
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Updated versions of the affected components are available for all LTS releases. The user is strongly recommended to update to the latest versions. The update of the apps might require a reboot of the device and the device will therefore temporarily become unavailable. To verify that the updated versions are installed, please check the version by using the package management of the device. ",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "availabilityImpact": "NONE"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ]
    }
  ]
}
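CVE-2025-24350 is classified as CWE-23, a relative path traversal in the "Certificates and Keys" upload path. The advisory does not describe the flaw beyond that, so the following is an added, hypothetical example of the control that closes this bug class, not ctrlX OS code and not a reconstruction of the actual defect. It assumes a certificate store root and a client-supplied file name; both are illustrative. The check combines a strict allow-list on the name with a physical containment test after `resolve()`, so a symlink planted inside the store cannot redirect the write outside it, and opens the target with `O_NOFOLLOW` so a symlink swapped in after the check is also refused.

```python
"""Path containment for a certificate-upload endpoint (CWE-23 mitigation).
Added, hypothetical example; not ctrlX OS code."""
import os
import re
import tempfile
from pathlib import Path

# Hypothetical store root; an assumption for this example.
CERT_STORE = "/var/lib/example-cert-store"

# Allow-list for the client-supplied name: relative, slash-separated, every
# component starts with an alphanumeric (so "..", ".", ".hidden" cannot occur),
# and the leaf must end in ".pem".
_NAME_RE = re.compile(
    r"(?:[A-Za-z0-9_-][A-Za-z0-9._-]*/)*[A-Za-z0-9_-][A-Za-z0-9._-]*\.pem"
)

# Constructed placeholder, not a real certificate.
SAMPLE_PEM = b"-----BEGIN CERTIFICATE-----\nQ09OU1RSVUNURUQ=\n-----END CERTIFICATE-----\n"


class PathTraversalError(ValueError):
    """Raised when a requested name would land outside the certificate store."""


def resolve_cert_path(store_root: str, requested_name: str) -> Path:
    """Map a client-supplied name to an absolute path strictly below store_root."""
    root = Path(store_root).resolve()
    if "\x00" in requested_name or not _NAME_RE.fullmatch(requested_name):
        raise PathTraversalError(f"rejected name: {requested_name!r}")
    # Physical check: follow any symlinks and require the result to be a
    # strict descendant of the resolved root (root itself is not acceptable).
    target = root.joinpath(*requested_name.split("/")).resolve()
    if root not in target.parents:
        raise PathTraversalError(f"escapes store: {requested_name!r}")
    return target


def save_certificate(store_root: str, requested_name: str, pem: bytes) -> Path:
    """Write a PEM certificate into the store at a contained path."""
    if not pem.startswith(b"-----BEGIN CERTIFICATE-----"):
        raise ValueError("payload is not a PEM certificate")
    target = resolve_cert_path(store_root, requested_name)
    target.parent.mkdir(parents=True, exist_ok=True)
    # O_NOFOLLOW: if the leaf was replaced by a symlink between the check above
    # and this open (TOCTOU), the open fails instead of following it.
    fd = os.open(target, os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(pem)
    return target


def demo() -> dict:
    """Exercise the checks in a throw-away store containing a planted symlink.
    Returns a map of request name -> 'accepted'/'rejected' plus 'ok' for a good write."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "store"
        root.mkdir()
        # Lexically inside the store, physically pointing one level above it.
        (root / "escape").symlink_to(Path(tmp))
        results["ok"] = save_certificate(str(root), "device/ca.pem", SAMPLE_PEM).is_file()
        for name in ("../outside.pem", "/etc/ssl/x.pem", "a/../../x.pem",
                     "escape/x.pem", ".pem", "x.crt", "ok/dir.pem"):
            try:
                resolve_cert_path(str(root), name)
                results[name] = "accepted"
            except PathTraversalError:
                results[name] = "rejected"
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:>16}: {outcome}")
```

The regex alone defeats the lexical `..` forms; the `resolve()` containment test is what catches the `escape/x.pem` case, where every path component looks harmless but a symlink inside the store points out of it. Keeping both is deliberate: a lexical filter is cheap to reason about, and the physical check covers what the filter cannot see.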