3 matches found
CVE-2025-41701 Beckhoff: Deserialization of untrusted data by TwinCAT 3 Engineering
An unauthenticated attacker can trick a local user into executing arbitrary commands by opening a deliberately manipulated project file with an affected engineering tool. These arbitrary commands are executed in the user context...
CVE-2025-41701 Beckhoff: Deserialization of untrusted data by TwinCAT 3 Engineering
An unauthenticated attacker can trick a local user into executing arbitrary commands by opening a deliberately manipulated project file with an affected engineering tool. These arbitrary commands are executed in the user context...
CVE-2025-41701
Beckhoff TwinCAT 3 Engineering contains a vulnerability (CVE-2025-41701) where deserialization of untrusted data can be triggered by a manipulated project file, allowing an unauthenticated local attacker to execute arbitrary commands in the user’s context. The available connected sources confirm ...