Vulnerabilities Allow Disruption of Phoenix Contact UPS Devices

Posted on October 17, 2025 by CWS

Phoenix Contact this week released patches for several vulnerabilities affecting its QUINT4 uninterruptible power supply (UPS) products.

The vendor has fixed five vulnerabilities that can be exploited by remote, unauthenticated attackers for denial-of-service (DoS) attacks and to obtain login credentials.

Four of the vulnerabilities, tracked as CVE-2025-41703, CVE-2025-41704, CVE-2025-41706 and CVE-2025-41707, can be exploited for DoS attacks.

According to IT/OT cybersecurity firm CyberDanube, whose researchers reported the issues to Phoenix Contact, an attacker can exploit these vulnerabilities to put devices in a permanent DoS condition, preventing remote recovery.

CVE-2025-41703 is interesting because it allows an unauthenticated attacker to use a Modbus command to turn off the output of a UPS system.

CyberDanube told SecurityWeek that CVE-2025-41703 can be described as a ‘dangerous function exploitation’ that leads to a so-called ‘denial of power service’.

Another flaw, CVE-2025-41705, has been described as a password information leakage issue that can allow an unauthenticated attacker in a man-in-the-middle (MitM) position to intercept Webfrontend passwords.

According to Phoenix Contact’s advisory (direct PDF download), the vulnerabilities affect several QUINT4-UPS EtherNet/IP product models and they have been patched with the release of firmware version VC:07, except for CVE-2025-41703, which apparently cannot be addressed as doing so would disrupt legitimate functionality.

As a mitigation, Phoenix Contact recommends using affected devices only in isolated industrial networks and protecting them with a firewall.

These products are designed for use only in isolated environments, and CyberDanube told SecurityWeek that it has not found any internet-exposed devices.

If an organization were to expose them to the internet, an attacker would be able to exploit the flaws directly over the web. However, in most cases the attacker would first need to gain access to the network housing the UPS devices before exploiting the vulnerabilities.
