{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-41728", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "state": "PUBLISHED", "assignerShortName": "CERTVDE", "dateReserved": "2025-04-16T11:17:48.318Z", "datePublished": "2026-01-27T11:37:55.689Z", "dateUpdated": "2026-01-27T13:49:51.297Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Beckhoff.Device.Manager.XAR", "vendor": "Beckhoff Automation", "versions": [{"lessThan": "2.5.3", "status": "affected", "version": "0.0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "MDP software package for TwinCAT/BSD", "vendor": "Beckhoff Automation", "versions": [{"lessThan": "1.7.0.0", "status": "affected", "version": "0.0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "MDP for Beckhoff RT Linux(R)", "vendor": "Beckhoff Automation", "versions": [{"lessThan": "0.0.5", "status": "affected", "version": "0.0.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Diego Giubertoni from Nozomi Networks"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially copy confidential information into a response.<br>"}], "value": "A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially copy confidential information into a response."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2026-01-27T11:37:55.689Z"}, "references": [{"url": "https://certvde.com/de/advisories/VDE-2025-092"}], "source": {"advisory": "VDE-2025-092", "defect": ["CERT@VDE#641867"], "discovery": "UNKNOWN"}, "title": "Beckhoff: Information leak via Beckhoff Device Manager", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-27T13:49:39.412692Z", "id": "CVE-2025-41728", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T13:49:51.297Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-41728", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-27T13:49:39.412692Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-27T13:49:46.225Z"}}], "cna": {"title": "Beckhoff: Information leak via Beckhoff Device Manager", "source": {"defect": ["CERT@VDE#641867"], "advisory": "VDE-2025-092", "discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Diego Giubertoni from Nozomi Networks"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Beckhoff Automation", "product": "Beckhoff.Device.Manager.XAR", "versions": [{"status": "affected", "version": "0.0.0", "lessThan": "2.5.3", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Beckhoff Automation", "product": "MDP software package for TwinCAT/BSD", "versions": [{"status": "affected", "version": "0.0.0", "lessThan": "1.7.0.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Beckhoff Automation", "product": "MDP for Beckhoff RT Linux(R)", "versions": [{"status": "affected", "version": "0.0.0", "lessThan": "0.0.5", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://certvde.com/de/advisories/VDE-2025-092"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially copy confidential information into a response.", "supportingMedia": [{"type": "text/html", "value": "A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially copy confidential information into a response.<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2026-01-27T11:37:55.689Z"}}}, "cveMetadata": {"cveId": "CVE-2025-41728", "state": "PUBLISHED", "dateUpdated": "2026-01-27T13:49:51.297Z", "dateReserved": "2025-04-16T11:17:48.318Z", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "datePublished": "2026-01-27T11:37:55.689Z", "assignerShortName": "CERTVDE"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially copy confidential information into a response."}, {"lang": "es", "value": "Un atacante remoto con privilegios bajos podr\u00eda divulgar informaci\u00f3n confidencial de la memoria de un proceso privilegiado enviando llamadas especialmente dise\u00f1adas al servicio web del Administrador de dispositivos que causan una operaci\u00f3n de lectura fuera de l\u00edmites bajo ciertas circunstancias debido a ASLR y, por lo tanto, copiar potencialmente informaci\u00f3n confidencial en una respuesta."}], "id": "CVE-2025-41728", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "info@cert.vde.com", "type": "Primary"}]}, "published": "2026-01-27T12:15:57.717", "references": [{"source": "info@cert.vde.com", "url": "https://certvde.com/de/advisories/VDE-2025-092"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "info@cert.vde.com", "type": "Primary"}]}

{}

{"created": "2026-01-27T20:16:34.362655+00:00", "updated": "2026-01-27T20:16:34.362679+00:00", "vendors": ["beckhoff", "beckhoff$PRODUCT$beckhoff.device.manager.xar", "beckhoff$PRODUCT$mdp_package", "beckhoff$PRODUCT$twincat", "beckhoff$PRODUCT$twincat/bsd"]}