6 matches found
CVE-2025-41669
The Web-based Management allows a remote low privileged Engineer user to install additional APPs on the device downloaded from the PLCnext Store without implementing any data verification mechanism, leading to the capability for an Engineer user to reach arbitrary code execution with root...
EUVD-2025-25276
Malicious code in bioql PyPI...
CVE-2025-8453
CWE-269: Improper Privilege Management vulnerability exists that could cause privilege escalation and arbitrary code execution when a privileged engineer user with console access modifies a configuration file used by a root-level daemon to execute custom scripts...
CVE-2025-8453
CWE-269: Improper Privilege Management vulnerability exists that could cause privilege escalation and arbitrary code execution when a privileged engineer user with console access modifies a configuration file used by a root-level daemon to execute custom scripts...
CVE-2025-8453
CVE-2025-8453 describes a CWE-269 vulnerability in Schneider Electric Saitel DR RTU (and related RTU products) where a privileged engineer with console access can modify a configuration file used by a root-level daemon to execute scripts, enabling privilege escalation and potential arbitrary code...
PT-2025-34053 · Unknown · Root-Level Daemon
Name of the Vulnerable Software and Affected Versions: affected versions not specified
Description: A CWE-269: Improper Privilege Management issue exists that may lead to privilege escalation and arbitrary code execution. This occurs when a privileged engineer user with console access modifies a...