CVE-2025-41696

Q: What is the severity of CVE-2025-41696?

CVE-2025-41696 has a CVSS score of 4.6 (MEDIUM). This vulnerability allows attackers to use an undocumented UART port on the PCB as a side-channel to gain read access to parts of the device's filesystem. Attackers must first obtain hardcoded credentials from CVE-2025-41692. This affects devices with exposed UART ports and the referenced credential vulnerability.

4.6 MEDIUM

📋 TL;DR

This vulnerability allows attackers to use an undocumented UART port on the PCB as a side-channel to gain read access to parts of the device's filesystem. Attackers must first obtain hardcoded credentials from CVE-2025-41692. This affects devices with exposed UART ports and the referenced credential vulnerability.

💻 Affected Systems

Products:

Specific products not listed in provided reference

Versions: Unknown - Refer to vendor advisory

Operating Systems: Embedded/Linux-based systems

Default Config Vulnerable: ⚠️ Yes

Notes: Requires both exposed UART port and compromised credentials from CVE-2025-41692.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full filesystem read access leading to credential extraction, configuration exposure, and potential lateral movement within the network.

🟠

Likely Case

Limited read access to non-critical files, potentially exposing device configuration and operational data.

🟢

If Mitigated

No access if UART ports are physically secured and credentials from CVE-2025-41692 are not available.

🌐 Internet-Facing: LOW - Requires physical or local access to UART port.

🏢 Internal Only: MEDIUM - Insider threats or attackers with physical access could exploit this.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires physical access to UART port and prior credential compromise from CVE-2025-41692.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://certvde.com/de/advisories/VDE-2025-071

Restart Required: No

Instructions:

1. Check vendor advisory for specific patches. 2. Apply firmware updates if available. 3. Disable or secure UART ports if possible.

🔧 Temporary Workarounds

Physical UART Port Protection

all

Physically secure or disable UART ports on device PCBs

Credential Rotation

all

Change hardcoded credentials referenced in CVE-2025-41692

🧯 If You Can't Patch

Physically secure devices to prevent UART port access
Implement network segmentation to limit lateral movement

🔍 How to Verify

Check if Vulnerable:

Check for exposed UART ports on device PCB and verify if CVE-2025-41692 credentials are present

Check Version:

Check device firmware version via vendor-specific commands

Verify Fix Applied:

Verify UART ports are physically secured and credentials from CVE-2025-41692 are changed

📡 Detection & Monitoring

Log Indicators:

Unexpected serial console access attempts
Authentication attempts with hardcoded credentials

Network Indicators:

Unusual serial communication patterns if monitored

SIEM Query:

Search for serial port access events or authentication attempts with known hardcoded credentials

📊 Metadata

CVE ID: CVE-2025-41696

CVSS v3 Score: 4.6 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-798

EPSS Score: 0.02% exploit probability (5.5th percentile)

Published: December 9, 2025

Last Updated: December 19, 2025

🔗 References

https://certvde.com/de/advisories/VDE-2025-071 Third Party Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Fl Nat 2008 Firmware by Phoenixcontact

Fl Nat 2208 Firmware by Phoenixcontact

Fl Nat 2304 2gc 2sfp Firmware by Phoenixcontact

Fl Switch 2005 Firmware by Phoenixcontact

Fl Switch 2008 Firmware by Phoenixcontact

Fl Switch 2008f Firmware by Phoenixcontact

Fl Switch 2016 Firmware by Phoenixcontact

Fl Switch 2105 Firmware by Phoenixcontact

Fl Switch 2108 Firmware by Phoenixcontact

Fl Switch 2116 Firmware by Phoenixcontact

Fl Switch 2204 2tc 2sfx Firmware by Phoenixcontact

Fl Switch 2205 Firmware by Phoenixcontact

Fl Switch 2206 2fx Firmware by Phoenixcontact

Fl Switch 2206 2fx Sm Firmware by Phoenixcontact

Fl Switch 2206 2fx Sm St Firmware by Phoenixcontact

Fl Switch 2206 2fx St Firmware by Phoenixcontact

Fl Switch 2206 2sfx Firmware by Phoenixcontact

Fl Switch 2206 2sfx Pn Firmware by Phoenixcontact

Fl Switch 2206c 2fx Firmware by Phoenixcontact

Fl Switch 2207 Fx Firmware by Phoenixcontact

Fl Switch 2207 Fx Sm Firmware by Phoenixcontact

Fl Switch 2208 Firmware by Phoenixcontact

Fl Switch 2208 Pn Firmware by Phoenixcontact

Fl Switch 2208c Firmware by Phoenixcontact

Fl Switch 2212 2tc 2sfx Firmware by Phoenixcontact

Fl Switch 2214 2fx Firmware by Phoenixcontact

Fl Switch 2214 2fx Sm Firmware by Phoenixcontact

Fl Switch 2214 2sfx Firmware by Phoenixcontact

Fl Switch 2214 2sfx Pn Firmware by Phoenixcontact

Fl Switch 2216 Firmware by Phoenixcontact

Fl Switch 2216 Pn Firmware by Phoenixcontact

Fl Switch 2303 8sp1 by Phoenixcontact

Fl Switch 2304 2gc 2sfp Firmware by Phoenixcontact

Fl Switch 2306 2sfp Firmware by Phoenixcontact

Fl Switch 2306 2sfp Pn Firmware by Phoenixcontact

Fl Switch 2308 Firmware by Phoenixcontact

Fl Switch 2308 Pn Firmware by Phoenixcontact

Fl Switch 2312 2gc 2sfp Firmware by Phoenixcontact

Fl Switch 2314 2sfp Firmware by Phoenixcontact

Fl Switch 2314 2sfp Pn Firmware by Phoenixcontact

Fl Switch 2316 Firmware by Phoenixcontact

Fl Switch 2316 Pn Firmware by Phoenixcontact

Fl Switch 2316\/k1 Firmware by Phoenixcontact

Fl Switch 2404 2tc 2sfx Firmware by Phoenixcontact

Fl Switch 2406 2sfx Firmware by Phoenixcontact

Fl Switch 2406 2sfx Pn Firmware by Phoenixcontact

Fl Switch 2408 Firmware by Phoenixcontact

Fl Switch 2408 Pn Firmware by Phoenixcontact

Fl Switch 2412 2tc 2sfx Firmware by Phoenixcontact

Fl Switch 2414 2sfx Firmware by Phoenixcontact

Fl Switch 2414 2sfx Pn Firmware by Phoenixcontact

Fl Switch 2416 Firmware by Phoenixcontact

Fl Switch 2416 Pn Firmware by Phoenixcontact

Fl Switch 2504 2gc 2sfp Firmware by Phoenixcontact

Fl Switch 2506 2sfp Firmware by Phoenixcontact

Fl Switch 2506 2sfp Pn Firmware by Phoenixcontact

Fl Switch 2506 2sfp\/k1 Firmware by Phoenixcontact

Fl Switch 2508 Firmware by Phoenixcontact

Fl Switch 2508 Pn Firmware by Phoenixcontact

Fl Switch 2508\/k1 Firmware by Phoenixcontact

Fl Switch 2512 2gc 2sfp Firmware by Phoenixcontact

Fl Switch 2514 2sfp Firmware by Phoenixcontact

Fl Switch 2514 2sfp Pn Firmware by Phoenixcontact

Fl Switch 2516 Firmware by Phoenixcontact

Fl Switch 2516 Pn Firmware by Phoenixcontact

Fl Switch 2608 Firmware by Phoenixcontact

Fl Switch 2608 Pn Firmware by Phoenixcontact

Fl Switch 2708 Firmware by Phoenixcontact

Fl Switch 2708 Pn Firmware by Phoenixcontact