
ID

VDE-2025-063

Published

2025-08-12 10:00 (CEST)

Last update

2025-08-12 10:29 (CEST)

Vendor(s)

PHOENIX CONTACT GmbH & Co. KG

Product(s)

Article No°    Product Name    Affected Version(s)
               DaUM            < 2025.3.1

Summary

A privilege escalation vulnerability exists in Phoenix Contact Device and Update Management prior to version 2025.3.1 due to misconfigured permissions on nssm.exe in the DAUM-WINDOWS-SERVICE. This misconfiguration allows a low-privileged local user to execute arbitrary code with administrative privileges.


Last Update:

8 August 2025 15:12

Weakness

Missing Authentication for Critical Function (CWE-306)

Summary

A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their privileges and gain administrative access.


Impact

The product's installer allows privilege escalation to administrator rights via nssm.exe. nssm.exe is an open-source tool that simplifies the management of Windows services. The permissions on nssm.exe were not secured properly, which could allow an attacker to escalate privileges from a low-privileged user to an administrator.
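As an added defender-side check (not code from the advisory or from Phoenix Contact), the following PowerShell audits Windows service executables, and the directories they live in, for ACLs that let low-privileged principals modify them, which is the class of misconfiguration described above. The '*DAUM*' service-name filter is an assumption derived from the advisory's DAUM-WINDOWS-SERVICE wording and may not match the real service name.

```powershell
# Added example, not from the advisory or the vendor: audit Windows service
# executables (and their directories) for ACLs that let low-privileged principals
# modify them. Assumes an elevated session; the '*DAUM*' filter is an assumption.
# Rights that let a principal replace or alter the binary.
$WeakRights = [System.Security.AccessControl.FileSystemRights]'Write, Modify, FullControl, TakeOwnership, ChangePermissions'
# Principals that every low-privileged local user belongs to.
$LowPrivPrincipals = @('BUILTIN\Users', 'NT AUTHORITY\Authenticated Users', 'Everyone', 'NT AUTHORITY\INTERACTIVE')

function Get-ServiceBinaryPath {
    param([string]$PathName)
    # PathName may be quoted and may carry arguments, e.g. "C:\x\nssm.exe" svc
    if ($PathName -match '^"([^"]+)"') { return $Matches[1] }
    if ($PathName -match '^(.+?\.exe)') { return $Matches[1] }
    return ($PathName -split ' ')[0]
}

function Test-AceGrantsWrite {
    param([System.Security.AccessControl.FileSystemAccessRule]$Ace)
    if ($Ace.AccessControlType -ne 'Allow') { return $false }
    if ($LowPrivPrincipals -notcontains $Ace.IdentityReference.Value) { return $false }
    $rights = [int]$Ace.FileSystemRights
    # GENERIC_ALL / GENERIC_WRITE appear as raw bits rather than enum names.
    if (($rights -band 0x10000000) -or ($rights -band 0x40000000)) { return $true }
    return (($rights -band [int]$WeakRights) -ne 0)
}

function Test-WeakServiceBinaryAcl {
    param([string]$ServiceFilter = '*')
    Get-CimInstance Win32_Service | Where-Object { $_.Name -like $ServiceFilter } |
        ForEach-Object {
            $svc = $_
            $exe = Get-ServiceBinaryPath $svc.PathName
            if (-not (Test-Path -LiteralPath $exe)) { return }
            # A writable parent directory is as dangerous as a writable file.
            foreach ($target in @($exe, (Split-Path -Parent $exe))) {
                foreach ($ace in (Get-Acl -LiteralPath $target).Access) {
                    if (Test-AceGrantsWrite $ace) {
                        [pscustomobject]@{
                            Service   = $svc.Name
                            Path      = $target
                            Principal = $ace.IdentityReference.Value
                            Rights    = $ace.FileSystemRights
                        }
                    }
                }
            }
        }
}
# Empty output means no weak ACE was found on the matching service binaries.
Test-WeakServiceBinaryAcl -ServiceFilter '*DAUM*' | Format-Table -AutoSize
```

Run with `-ServiceFilter '*'` to audit every service on the host; any row returned is a binary that a standard user could replace, and the vendor's remediation for this product is the update to 2025.3.1.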

Solution

General Recommendation

Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note.

Remediation

Update to the latest DaUM version, 2025.3.1.

Reported by

CERT@VDE coordinated with Phoenix Contact GmbH & Co. KG.