CVE-2025-41727 | Beckhoff Automation Beckhoff.Device.Manager.XAR Device Manager User Interface unprotected alternate channel (VDE-2025-092)

A vulnerability identified as critical has been detected in Beckhoff Automation Beckhoff.Device.Manager.XAR, MDP software package for TwinCAT, BSD and MDP for Beckhoff RT Linux. This issue affects some unknown processing of the component Device Manager User Interface. The manipulation leads to unprotected alternate channel.

This vulnerability is referenced as CVE-2025-41727. The attack can only be performed from a local environment. No exploit is available.

You should upgrade the affected component.

CVE-2025-41727 | Beckhoff Automation Beckhoff.Device.Manager.XAR Device Manager User Interface unprotected alternate channel (VDE-2025-092)

Post correlati

CVE-2023-42957 | Apple watchOS permission

CVE-2025-6204 | Dassault Systèmes DELMIA Apriso up to 2025 code injection (EUVD-2025-23494)

CVE-2024-5787 | PowerPack Addons for Elementor Plugin up to 2.7.20 on WordPress Link Effects Widget cross site scripting

CVE-2023-6765 | SourceCodester Online Tours & Travels Management System 1.0 email_setup.php prepare name sql injection