CVE-2025-40743

HIGH

SINUMERIK - Auth Bypass

Title source: llm

Description

A vulnerability has been identified in SINUMERIK 828D PPU.4 (All versions < V4.95 SP5), SINUMERIK 828D PPU.5 (All versions < V5.25 SP1), SINUMERIK 840D sl (All versions < V4.95 SP5), SINUMERIK MC (All versions < V1.25 SP1), SINUMERIK MC V1.15 (All versions < V1.15 SP5), SINUMERIK ONE (All versions < V6.25 SP1), SINUMERIK ONE V6.15 (All versions < V6.15 SP5). The affected application improperly validates authentication for its VNC access service, allowing access with insufficient password verification. This could allow an attacker to gain unauthorized remote access and potentially compromise system confidentiality, integrity, or availability.

References (1)

[Vendor Advisory] https://cert-portal.siemens.com/productcert/html/ssa-177847.html

Scores

CVSS v3 8.3

EPSS 0.0003

EPSS Percentile 8.0%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-288

Status published

Products (7)

Siemens/SINUMERIK 828D PPU.4 < V4.95 SP5

Siemens/SINUMERIK 828D PPU.5 < V5.25 SP1

Siemens/SINUMERIK 840D sl < V4.95 SP5

Siemens/SINUMERIK MC < V1.25 SP1

Siemens/SINUMERIK MC V1.15 < V1.15 SP5

Siemens/SINUMERIK ONE < V6.25 SP1

Siemens/SINUMERIK ONE V6.15 < V6.15 SP5

Published Aug 12, 2025

Tracked Since Feb 18, 2026