May 16, 2025
Severity
Medium
Analysis Summary
CVE-2025-40571 CVSS:2.2
A vulnerability has been identified in Mendix OIDC SSO. The Mendix OIDC SSO module grants read and write access to all tokens exclusively to the Administrator role, which could result in privilege misuse by an adversary who modifies the module during Mendix development.
CVE-2025-40555 CVSS:4.7
A vulnerability has been identified in APOGEE PXC+TALON TC Series (BACnet). Affected devices start sending unsolicited BACnet broadcast messages after processing a specific BACnet createObject request. This could allow an attacker residing in the same BACnet network to send a specially crafted message that results in a partial denial of service condition of the targeted device, and potentially reduce the availability of the BACnet network. A power cycle is required to restore the device's normal operation.
CVE-2025-40556 CVSS:6.5
A vulnerability has been identified in BACnet ATEC 550-440, BACnet ATEC 550-441, BACnet ATEC 550-445, BACnet ATEC 550-446. Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the same BACnet network to send a specially crafted MSTP message that results in a denial of service condition of the targeted device. A power cycle is required to restore the device's normal operation.
CVE-2025-30175 CVSS:7.5
A vulnerability has been identified in SIMATIC PCS neo V4.1, SIMATIC PCS neo V5.0, SINEC NMS, SINEMA Remote Connect, Totally Integrated Automation Portal (TIA Portal) V17, Totally Integrated Automation Portal (TIA Portal) V18, Totally Integrated Automation Portal (TIA Portal) V19, Totally Integrated Automation Portal (TIA Portal) V20, User Management Component (UMC). Affected products contain an out-of-bounds write buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.
CVE-2025-30176 CVSS:7.5
A vulnerability has been identified in SIMATIC PCS neo V4.1, SIMATIC PCS neo V5.0, SINEC NMS, SINEMA Remote Connect, Totally Integrated Automation Portal (TIA Portal) V17, Totally Integrated Automation Portal (TIA Portal) V18, Totally Integrated Automation Portal (TIA Portal) V19, Totally Integrated Automation Portal (TIA Portal) V20, User Management Component (UMC). Affected products contain an out-of-bounds read buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.
CVE-2025-32454 CVSS:7.8
A vulnerability has been identified in Teamcenter Visualization V14.3, Teamcenter Visualization V2312, Teamcenter Visualization V2406, Teamcenter Visualization V2412. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.
CVE-2025-31929 CVSS:4.2
Siemens VersiCharge AC Series could allow a physical attacker to execute arbitrary code on the system because the M0 hardware does not contain an immutable root of trust.
CVE-2025-31930 CVSS:8.8
Siemens VersiCharge AC Series could allow a remote attacker to control the EV charger because the Modbus service is enabled by default.
Impact
- Denial of Service
- Buffer Overflow
- Code Execution
- Security Bypass
Indicators of Compromise
CVE
CVE-2025-40571
CVE-2025-40555
CVE-2025-40556
CVE-2025-30175
CVE-2025-30176
CVE-2025-32454
CVE-2025-31929
CVE-2025-31930
Affected Vendors
Affected Products
- Siemens SINEC NMS
- Siemens Sinema Remote Connect
- Siemens IEC 1Ph 7.4kW Child socket
- Siemens IEC 1Ph 7.4kW Child socket/ shutter
- Siemens IEC 1Ph 7.4kW Parent cable 7m
- Siemens IEC 1Ph 7.4kW Parent cable 7m incl. SIM
- Siemens IEC 1Ph 7.4kW Parent socket
- Siemens IEC 1Ph 7.4kW Parent socket incl. SIM
- Siemens IEC 1Ph 7.4kW Parent socket/ shutter
- Siemens IEC 1Ph 7.4kW Parent socket/ shutter SIM
- Siemens IEC 3Ph 22kW Child socket
- Siemens IEC 3Ph 22kW Child socket/ shutter
- Siemens Mendix OIDC SSO (Mendix 10 compatible)
- Siemens Mendix OIDC SSO (Mendix 9 compatible)
- Siemens APOGEE PXC+TALON TC Series (BACnet)
- Siemens BACnet ATEC 550-440
- Siemens BACnet ATEC 550-441
- Siemens BACnet ATEC 550-446
- Siemens SIMATIC PCS neo V4.1
- Siemens SIMATIC PCS neo V5.0
- Siemens Totally Integrated Automation Portal (TIA Portal) V18
- Siemens Totally Integrated Automation Portal (TIA Portal) V20
- Siemens Totally Integrated Automation Portal (TIA Portal) V19
- Siemens User Management Component (UMC)
- Siemens Teamcenter Visualization - 14.3
- Siemens Teamcenter Visualization - 2312
- Siemens Teamcenter Visualization - 2406
- Siemens Teamcenter Visualization - 2412
Remediation
Refer to Siemens Security Advisory for patch, upgrade, or suggested workaround information.