Phoenix Contact: Device and Update Management Windows Installer Privilege Escalation

VDE-2025-063
Last update
12.08.2025 12:00
Published at
12.08.2025 12:00
Vendor(s)
Phoenix Contact GmbH & Co. KG
External ID
VDE-2025-063
CSAF Document

Summary

A privilege escalation vulnerability exists in Phoenix Contact Device and Update Management prior to version 2025.3.1 due to misconfigured permissions on nssm.exe in the DAUM-WINDOWS-SERVICE. This misconfiguration allows a low-privileged local user to execute arbitrary code with administrative privileges.

Impact

The product's installer allows escalation to administrator rights via nssm.exe. nssm.exe is an open-source tool that simplifies the management of Windows services and is shipped with DaUM as part of the DAUM-WINDOWS-SERVICE.
The permissions on nssm.exe were not secured properly; this could allow an attacker to escalate privileges from a low-privileged local user to an administrator.
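The following PowerShell script is an added example written for this page, not code from Phoenix Contact or from the DaUM product. It performs the check a practitioner would want before and after patching: it resolves a service's executable from the service configuration and reports any allow ACE on that executable, or on its parent directory, that grants write, delete, permission-change or ownership rights to a principal other than SYSTEM, Administrators or TrustedInstaller. Assumptions (not stated on the page): the service is registered under the name "DAUM-WINDOWS-SERVICE" and its configured path points at nssm.exe; adjust $ServiceName if the installed name differs.

```powershell
# Added example (not Phoenix Contact's code): audit a Windows service binary
# for write access granted to non-administrative principals.
# Assumption: the DaUM service is registered as "DAUM-WINDOWS-SERVICE" and its
# PathName points at nssm.exe. Pass -ServiceName to override.
param(
    [string]$ServiceName = 'DAUM-WINDOWS-SERVICE'
)

# Rights that let a caller modify, replace or re-permission the file.
# FullControl and Modify include these bits, so they match too.
$WriteMask = [System.Security.AccessControl.FileSystemRights]::Write -bor
             [System.Security.AccessControl.FileSystemRights]::Delete -bor
             [System.Security.AccessControl.FileSystemRights]::ChangePermissions -bor
             [System.Security.AccessControl.FileSystemRights]::TakeOwnership

# Principals expected to hold write access on a service executable.
$Trusted = @('NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators', 'NT SERVICE\TrustedInstaller')

$svc = Get-CimInstance Win32_Service -Filter "Name='$ServiceName'"
if (-not $svc) { throw "Service '$ServiceName' not found" }

# PathName may be quoted and carry arguments; keep only the executable path.
$exe = if ($svc.PathName -match '^"([^"]+)"') { $Matches[1] } else { ($svc.PathName -split ' ')[0] }
"Service $ServiceName runs as '$($svc.StartName)' from $exe"

# Check the binary itself and the directory it lives in: write access on the
# directory is enough to rename the file and drop a replacement beside it.
$findings = foreach ($path in @($exe, (Split-Path -Parent $exe))) {
    foreach ($ace in (Get-Acl -LiteralPath $path).Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($Trusted -contains $ace.IdentityReference.Value) { continue }
        if (($ace.FileSystemRights -band $WriteMask) -ne 0) {
            [pscustomobject]@{
                Path      = $path
                Identity  = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

if ($findings) {
    Write-Warning "Write access granted to non-administrative principals:"
    $findings | Format-Table -AutoSize
} else {
    "No write access for non-administrative principals on $exe or its directory"
}
```

Run it from an ordinary user session on a host with DaUM installed. A hit for BUILTIN\Users, Everyone or NT AUTHORITY\Authenticated Users with Write, Modify or FullControl on nssm.exe is the condition this advisory describes; combined with a service that starts as LocalSystem, it means whatever that user writes into the file runs with SYSTEM rights at the next service start. After updating to 2025.3.1 the script should report no findings.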

Affected Product(s)

Model no.   Product name   Affected versions
1542953     DaUM           < 2025.3.1

Vulnerabilities

Published
24.09.2025 12:38
Weakness
Missing Authentication for Critical Function (CWE-306)
Summary

A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their privileges and gain administrative access.

References

Remediation

Update DaUM to version 2025.3.1 or later.

Acknowledgments

Phoenix Contact GmbH & Co. KG thanks the following parties for their efforts:

Revision History

Version Date Summary
1 12.08.2025 12:00 Initial