{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T02:44:37.445","vulnerabilities":[{"cve":{"id":"CVE-2025-24003","sourceIdentifier":"info@cert.vde.com","published":"2025-07-08T07:15:23.943","lastModified":"2025-07-11T14:36:12.323","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An unauthenticated remote attacker can use MQTT messages to trigger out-of-bounds writes in charging stations complying with German Calibration Law, resulting in a loss of integrity for only EichrechtAgents and potential denial-of-service for these stations."},{"lang":"es","value":"Un atacante remoto no autenticado puede usar mensajes MQTT para activar escrituras fuera de los límites en estaciones de carga que cumplen con la Ley de calibración alemana, lo que genera una pérdida de integridad solo para EichrechtAgents y una posible denegación de servicio para estas estaciones."}],"metrics":{"cvssMetricV31":[{"source":"info@cert.vde.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.2}]},"weaknesses":[{"source":"info@cert.vde.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.6.5","matchCriteriaId":"6338C05A-3F0E-408E-98B1-51B2EAE05F5B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*","matchCriteriaId":"D1095269-9D5A-4557-BA9D-33B49AAA339F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.6.5","matchCriteriaId":"AC6EA57F-57E6-437F-8035-3B714A4E824C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*","matchCriteriaId":"775BA5ED-968B-4759-BA39-50F9EAB29169"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.6.5","matchCriteriaId":"160F031E-81BB-466B-808D-6BF46D28BD17"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*","matchCriteriaId":"F498BFB3-3C39-4F0B-9775-0B4F891D866C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.6.5","matchCriteriaId":"7B0E8722-3BCD-4360-BF23-7BC020A28D51"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*","matchCriteriaId":"32916BED-0241-4787-960C-7A4E8E1DDED7"}]}]}],"references":[{"url":"https://certvde.com/en/advisories/VDE-2025-014","source":"info@cert.vde.com","tags":["Third Party Advisory"]}]}}]}