CVE-2025-41712 Incorrect Permission Assignment on power analyzer

🗓️ 10 Mar 2026 08:27:10Reported by CERTVDEType

Unauthenticated attacker uploads manipulated HTML to access data via weak web server permissions.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-41712	10 Mar 202607:23	–	circl
CNNVD	Janitza UMG 96RM-E 24V和Janitza UMG 96RM-E 230V 安全漏洞	10 Mar 202600:00	–	cnnvd
CVE	CVE-2025-41712	10 Mar 202608:27	–	cve
EUVD	EUVD-2025-208470	10 Mar 202618:31	–	euvd
NVD	CVE-2025-41712	10 Mar 202618:17	–	nvd
Positive Technologies	PT-2026-24186	10 Mar 202600:00	–	ptsecurity
RedhatCVE	CVE-2025-41712	11 Mar 202613:19	–	redhatcve
Vulnrichment	CVE-2025-41712 Incorrect Permission Assignment on power analyzer	10 Mar 202608:27	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "UMG 96RM-E 24V(5222063)",
    "vendor": "Janitza",
    "versions": [
      {
        "lessThanOrEqual": "3.13",
        "status": "affected",
        "version": "0.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "UMG 96RM-E 230V(5222062)",
    "vendor": "Janitza",
    "versions": [
      {
        "lessThanOrEqual": "3.13",
        "status": "affected",
        "version": "0.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ENERGY METER 750-230 (2540910000)",
    "vendor": "Weidmueller",
    "versions": [
      {
        "lessThanOrEqual": "3.13",
        "status": "affected",
        "version": "0.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ENERGY METER 750-24 (2540900000)",
    "vendor": "Weidmueller",
    "versions": [
      {
        "lessThanOrEqual": "3.13",
        "status": "affected",
        "version": "0.0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
certvde	www.certvde.com/en/advisories/VDE-2025-079/
weidmueller	www.weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-096.json
janitza	www.janitza.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-079.json
certvde	www.certvde.com/en/advisories/VDE-2025-096/

10 Mar 2026 08:27Current

CVSS 3.16.5

EPSS0.00042

CWE-732