Product
CVE-2025-41669 allows a remote, low-privileged engineer user to install additional, potentially malicious, applications on the PLCnext Control device without data verification, leading to arbitrary code execution with root privileges and impacting system integrity and availability.