Analysis Summary

CVE-2025-29999 CVSS:6.7

Siemens License Server (SLS) could allow a remote attacker to execute arbitrary code on the system, caused by lack of proper validation for searching executable files in the application folder, which allows placing a malicious executable in the same directory and leads to code execution.

CVE-2025-30000 CVSS:6.7

Siemens License Server (SLS) could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improperly restricting permissions of the users. This could allow a lowly-privileged attacker to escalate their privileges.

CVE-2025-30280 CVSS:5.3

A vulnerability exists in multiple versions of Mendix Runtime across V8, V9, and V10. The security issue affects applications built on these runtime versions, allowing an unauthenticated remote attacker to perform entity enumeration. By analyzing client action responses, an attacker can potentially list all valid entities and attribute names within a Mendix Runtime-based application. This vulnerability is present in Mendix Runtime V10 versions before V10.21.0, V10.12, V10.18, V10.6, and all versions of V8 and V9 before V9.24.34. The distinguishable responses in certain client actions enable an attacker to map out the underlying application structure without requiring authentication.

CVE-2024-54092 CVSS:9.8

A vulnerability exists in multiple Industrial Edge Device Kit versions for arm64 and x86-64 platforms (V1.17 to V1.21), Industrial Edge Own Device, Industrial Edge Virtual Device, SCALANCE LPE9413, and several SIMATIC IPC Industrial Edge Devices. The security issue involves improper user authentication enforcement on specific API endpoints when identity federation is active. An unauthenticated remote attacker could potentially bypass authentication and impersonate a legitimate user. To successfully exploit this vulnerability, identity federation must be currently or previously used, and the attacker must know the identity of a valid user.

CVE-2024-41794 CVSS:10

A severe vulnerability exists in SENTRON 7KT PAC1260 Data Manager across all versions. The device contains hardcoded credentials that enable unauthenticated remote attackers to gain root-level access to the device's operating system. If an attacker knows these predetermined credentials and the SSH service is enabled (potentially through exploitation of CVE-2024-41793), they could obtain full control of the device without authentication.

CVE-2024-41795 CVSS:6.5

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices is vulnerable to Cross-Site Request Forgery (CSRF) attacks. This could allow an unauthenticated malicious user to change arbitrary device settings by tricking a legitimate device administrator to click on a malicious link.

CVE-2024-41796 CVSS:6.5

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices allows to change the login password without knowing the current password. In combination with a prepared CSRF attack (CVE-2024-41795) an unauthenticated attacker could be able to set the password to an attacker-controlled value.

CVE-2024-41792 CVSS:8.6

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices contains a path traversal vulnerability. This could allow an unauthenticated attacker it to access arbitrary files on the device with root privileges.

CVE-2024-41793 CVSS:8.6

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices provides an endpoint that allows to enable the ssh service without authentication. This could allow an unauthenticated remote attacker to enable remote access to the device via ssh.

CVE-2024-41789 CVSS:9.1

A critical vulnerability exists in SENTRON 7KT PAC1260 Data Manager across all software versions. The web interface of these devices contains a security weakness in its language parameter handling for specific POST requests. An authenticated remote attacker could potentially leverage this vulnerability to execute arbitrary code with root-level system privileges.

CVE-2024-41790 CVSS:9.1

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not sanitize the region parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges.

CVE-2024-41791 CVSS:7.3

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not authenticate report creation requests. This could allow an unauthenticated remote malicious user to read or clear the log files on the device, reset the device or set the date and time.

CVE-2024-41788 CVSS:9.1

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not sanitize the input parameters in specific GET requests. This could allow an authenticated remote malicious user to execute arbitrary code with root privileges.

Impact

• Gain Access
• Code Execution
• Privilege Escalation

Indicators of Compromise

CVE

• CVE-2025-29999
• CVE-2025-30000
• CVE-2025-30280
• CVE-2024-54092
• CVE-2024-41794
• CVE-2024-41795
• CVE-2024-41796
• CVE-2024-41792
• CVE-2024-41793
• CVE-2024-41789
• CVE-2024-41790
• CVE-2024-41791
• CVE-2024-41788

Affected Vendors

Affected Products

• Siemens License Server (SLS)
• Siemens Mendix Runtime V8 – V9 – V10 – V10.6 - V10.12- V10.18
• Siemens Industrial Edge Device Kit - arm64 V1.17 - arm64 V1.18 - arm64 V1.19 - arm64 V1.20 - arm64 V1.21
• Siemens SENTRON 7KT PAC1260 Data Manager

Remediation

Refer to Siemens Security Advisory for patch, upgrade, or suggested workaround information.

CVE-2025-29999

CVE-2025-30000

CVE-2025-30280

CVE-2024-54092

CVE-2024-41794

CVE-2024-41795

CVE-2024-41796

CVE-2024-41792

CVE-2024-41793

CVE-2024-41789

CVE-2024-41790

CVE-2024-41791

CVE-2024-41788