CVE-2025-40771
Published: 14 October 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-40771 affects multiple Siemens industrial communication processors, all in versions prior to V2.4.24:
- SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0)
- SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0)
- SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0)
- SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0)
- SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0)
- SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0)
The vulnerability arises from improper authentication of configuration connections (CWE-306) and has been assigned a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
An unauthenticated remote attacker with network access to the device can exploit this flaw without privileges or user interaction. Exploitation allows access to configuration data, with high impact on confidentiality, integrity, and availability, as reflected in the CVSS metrics.
Siemens Security Advisory SSA-486936 at https://cert-portal.siemens.com/productcert/html/ssa-486936.html details mitigation steps, recommending updates to version V2.4.24 or later for affected devices.
Details
- CWE(s): CWE-306 (Missing Authentication for Critical Function)
MITRE ATT&CK Enterprise Techniques
- T1190 Exploit Public-Facing Application
Why these techniques?
The vulnerability allows unauthenticated remote exploitation of network-accessible Siemens industrial communication processors, which maps directly to Exploit Public-Facing Application as an initial access technique.