CVE-2025-40743
HIGHSINUMERIK 828D/840D/ONE/MC Authentication Bypass via VNC Access Service
Title source: llmDescription
A vulnerability has been identified in SINUMERIK 828D PPU.4 (All versions < V4.95 SP5), SINUMERIK 828D PPU.5 (All versions < V5.25 SP1), SINUMERIK 840D sl (All versions < V4.95 SP5), SINUMERIK MC (All versions < V1.25 SP1), SINUMERIK MC V1.15 (All versions < V1.15 SP5), SINUMERIK ONE (All versions < V6.25 SP1), SINUMERIK ONE V6.15 (All versions < V6.15 SP5). The affected application improperly validates authentication for its VNC access service, allowing access with insufficient password verification. This could allow an attacker to gain unauthorized remote access and potentially compromise system confidentiality, integrity, or availability.
References (1)
Core 1
Core References
Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-177847.html
Scores
CVSS v3
8.3
EPSS
0.0023
EPSS Percentile
13.3%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-288
Status
published
Products (7)
Siemens/SINUMERIK 828D PPU.4
< V4.95 SP5
Siemens/SINUMERIK 828D PPU.5
< V5.25 SP1
Siemens/SINUMERIK 840D sl
< V4.95 SP5
Siemens/SINUMERIK MC
< V1.25 SP1
Siemens/SINUMERIK MC V1.15
< V1.15 SP5
Siemens/SINUMERIK ONE
< V6.25 SP1
Siemens/SINUMERIK ONE V6.15
< V6.15 SP5
Published
Aug 12, 2025
Tracked Since
Feb 18, 2026