CVE-2025-41700 – CODESYS Development System – Deserialization of Untrusted Data

CVE ID : CVE-2025-41700

Published : Dec. 1, 2025, 10:02 a.m. | 22 minutes ago

Description : An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…