CVE-2025-0694 MEDIUM

CVE-2025-0694: CODESYS Control V3 removable media path traversal

Vendor Codesys
Product CODESYS Control for BeagleBone SL
Weakness CWE-22 · Path traversal
Published March 18, 2025
Last update March 18, 2025

CVSS base score

6.6/10
Attack vector Physical
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Insufficient path validation in CODESYS Control allows low privileged attackers with physical access to gain full filesystem access.

Key dates

02Disclosure timeline

March 18, 2025 CVE published
March 18, 2025 Record updated

Related vulnerabilities

04Related CVE