SpirityCVE

An unauthenticated remote attacker may use hardcodes credentials to get access to the previously activated FTP Server with limited read and write privileges.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Janitza	Umg 96rm-e 230v(5222062) Umg 96rm-e 24v(5222063)
Weidmueller	Energy Meter 750-230 (2540910000) Energy Meter 750-24 (2540900000)

No data.

References

Link	Providers
https://www.spirityenterprise.com/virtual-ciso
https://certvde.com/en/advisories/VDE-2025-079/
https://certvde.com/en/advisories/VDE-2025-096/
https://janitza.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-079.json
https://weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-096.json

History

Wed, 11 Mar 2026 12:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Janitza Janitza umg 96rm-e 230v(5222062) Janitza umg 96rm-e 24v(5222063) Weidmueller Weidmueller energy Meter 750-230 (2540910000) Weidmueller energy Meter 750-24 (2540900000)
Vendors & Products		Janitza Janitza umg 96rm-e 230v(5222062) Janitza umg 96rm-e 24v(5222063) Weidmueller Weidmueller energy Meter 750-230 (2540910000) Weidmueller energy Meter 750-24 (2540900000)

Tue, 10 Mar 2026 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 10 Mar 2026 08:30:00 +0000

Type	Values Removed	Values Added
Description		An unauthenticated remote attacker may use hardcodes credentials to get access to the previously activated FTP Server with limited read and write privileges.
Title		Use of Hard-coded Credentials in power analyzer
Weaknesses		CWE-798
References		https://certvde.com/en/advisories/VDE-2025-079/ https://certvde.com/en/advisories/VDE-2025-096/ https://janitza.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-079.json https://weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2025-096.json
Metrics		cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}`

MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2026-03-10T08:26:30.909Z

Updated: 2026-03-10T16:51:47.193Z

Reserved: 2025-04-16T11:17:48.311Z

Link: CVE-2025-41710

Vulnrichment

Updated: 2026-03-10T15:58:01.093Z

NVD

Status : Awaiting Analysis

Published: 2026-03-10T18:17:56.187

Modified: 2026-03-11T13:53:47.157

Link: CVE-2025-41710

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object