CVE-2025-25271 OCPP Backend Configuration via Insecure Defaults

🗓️ 08 Jul 2025 07:01:33Reported by CERTVDEType

Insecure defaults allow unauthenticated attackers to configure OCPP backend settings easily.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2025-25271	8 Jul 202507:09	–	circl
CNNVD	PHOENIX CONTACT CHARX SEC 安全漏洞	8 Jul 202500:00	–	cnnvd
CVE	CVE-2025-25271	8 Jul 202507:01	–	cve
EUVD	EUVD-2025-20401	3 Oct 202520:07	–	euvd
NVD	CVE-2025-25271	8 Jul 202507:15	–	nvd
OSV	CVE-2025-25271	8 Jul 202507:15	–	osv
Positive Technologies	PT-2025-28348 · Phoenix Contact · Charx Sec-3000 +7	8 Jul 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-25271	10 Jul 202507:24	–	redhatcve
Vulnrichment	CVE-2025-25271 OCPP Backend Configuration via Insecure Defaults	8 Jul 202507:01	–	vulnrichment
Zero Day Initiative	(Pwn2Own) Phoenix Contact CHARX SEC-3150 OCPP Authentication Bypass Vulnerability	22 Jul 202500:00	–	zdi

[
  {
    "defaultStatus": "unaffected",
    "product": "CHARX SEC-3150",
    "vendor": "Phoenix Contact",
    "versions": [
      {
        "lessThan": "1.7.3",
        "status": "affected",
        "version": "0.0.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CHARX SEC-3100",
    "vendor": "Phoenix Contact",
    "versions": [
      {
        "lessThan": "1.7.3",
        "status": "affected",
        "version": "0.0.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CHARX SEC-3050",
    "vendor": "Phoenix Contact",
    "versions": [
      {
        "lessThan": "1.7.3",
        "status": "affected",
        "version": "0.0.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CHARX SEC-3000",
    "vendor": "Phoenix Contact",
    "versions": [
      {
        "lessThan": "1.7.3",
        "status": "affected",
        "version": "0.0.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
certvde	www.certvde.com/de/advisories/VDE-2025-019

22 Jul 2025 07:50Current

CVSS 3.18.8

EPSS0.00288

CWE-1188