CVE-2025-41703 Phoenix Contact: UPS Shutdown via Unauthenticated Modbus Command

🗓️ 14 Oct 2025 08:05:23Reported by CERTVDEType

Unauthenticated remote attacker can shut down the UPS via Modbus commands, causing denial of service.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-41703	14 Oct 202513:40	–	circl
CNNVD	Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP 访问控制错误漏洞	14 Oct 202500:00	–	cnnvd
CVE	CVE-2025-41703	14 Oct 202508:05	–	cve
EUVD	EUVD-2025-34150	14 Oct 202508:05	–	euvd
NVD	CVE-2025-41703	14 Oct 202508:15	–	nvd
Positive Technologies	PT-2025-41853	14 Oct 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-41703	15 Oct 202508:45	–	redhatcve
The Hacker News	⚡ Weekly Recap: F5 Breached, Linux Rootkits, Pixnapping Attack, EtherHiding & More	20 Oct 202512:27	–	thn
Vulnrichment	CVE-2025-41703 Phoenix Contact: UPS Shutdown via Unauthenticated Modbus Command	14 Oct 202508:05	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "QUINT4-UPS/24DC/24DC/5/EIP",
    "vendor": "Phoenix Contact",
    "versions": [
      {
        "lessThanOrEqual": "VC:07",
        "status": "affected",
        "version": "VC:00",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QUINT4-UPS/24DC/24DC/10/EIP",
    "vendor": "Phoenix Contact",
    "versions": [
      {
        "lessThanOrEqual": "VC:07",
        "status": "affected",
        "version": "VC:00",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QUINT4-UPS/24DC/24DC/20/EIP",
    "vendor": "Phoenix Contact",
    "versions": [
      {
        "lessThanOrEqual": "VC:07",
        "status": "affected",
        "version": "VC:00",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QUINT4-UPS/24DC/24DC/40/EIP",
    "vendor": "Phoenix Contact",
    "versions": [
      {
        "lessThanOrEqual": "VC:07",
        "status": "affected",
        "version": "VC:00",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
certvde	www.certvde.com/de/advisories/VDE-2025-072

14 Oct 2025 08:05Current

CVSS 3.17.5

EPSS0.00195

CWE-306