

July 9, 2025
Severity
High
Analysis Summary
CVE-2025-40742 CVSS:5.3
A vulnerability has been identified in various SIPROTEC 5 devices. The affected devices include session identifiers in URL requests for certain functionalities. This could allow an attacker to retrieve sensitive session data from browser history, logs, or other storage mechanisms, potentially leading to unauthorized access.
CVE-2025-40738 CVSS:8.8
A vulnerability has been identified in Siemens SINEC NMS. The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an attacker to write arbitrary files to restricted locations and potentially execute code with elevated privileges.
CVE-2025-40737 CVSS:8.8
A vulnerability has been identified in SINEC NMS. The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an attacker to write arbitrary files to restricted locations and potentially execute code with elevated privileges.
CVE-2025-40736 CVSS:9.8
A vulnerability has been identified in SINEC NMS. The affected application exposes an endpoint that allows an unauthorized modification of administrative credentials. This could allow an unauthenticated attacker to reset the superadmin password and gain full control of the application.
CVE-2025-40735 CVSS:8.8
A vulnerability has been identified in SINEC NMS. The affected devices are vulnerable to SQL injection. This could allow an unauthenticated remote attacker to execute arbitrary SQL queries on the server database.
CVE-2025-40593 CVSS:6.5
A vulnerability has been identified in SIMATIC CN 4100. The affected application allows the device to be controlled by storing arbitrary files in the device's SFTP folder. This could allow an attacker to cause a denial of service condition.
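CVE-2025-40738 and CVE-2025-40737 both come down to ZIP entry paths not being validated before extraction. The following is an added example of that check, not Siemens code: the function names, the upload directory and the in-memory sample archives are all constructed for illustration.

```python
import io
import zipfile
from pathlib import Path, PurePosixPath, PureWindowsPath


class UnsafeArchiveError(Exception):
    """An archive entry would be written outside the extraction directory."""


def unsafe_entries(zf: zipfile.ZipFile, dest: Path) -> list[str]:
    """Return the names of entries that are symlinks or resolve outside `dest`."""
    root = dest.resolve()
    bad = []
    for info in zf.infolist():
        name = info.filename
        # Upper 16 bits of external_attr carry the Unix mode; 0o120000 marks a symlink.
        is_symlink = ((info.external_attr >> 16) & 0o170000) == 0o120000
        # Reject absolute paths and Windows drive letters regardless of host OS.
        absolute = PurePosixPath(name).is_absolute() or bool(PureWindowsPath(name).drive)
        # Normalise separators, resolve "..", then confirm the result is still under root.
        target = (root / name.replace("\\", "/")).resolve()
        if is_symlink or absolute or not target.is_relative_to(root):
            bad.append(name)
    return bad


def safe_extract(data: bytes, dest: Path) -> list[str]:
    """Extract an uploaded ZIP only if every entry stays inside `dest`."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        bad = unsafe_entries(zf, dest)
        if bad:
            # Fail the whole upload so the attempt is visible in logs,
            # instead of silently skipping or rewriting the entry.
            raise UnsafeArchiveError(f"rejected entries: {bad}")
        dest.mkdir(parents=True, exist_ok=True)
        zf.extractall(dest)
        return zf.namelist()


def build_zip(names: list[str]) -> bytes:
    """Constructed sample input: an in-memory ZIP with the given entry names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n in names:
            zf.writestr(n, b"constructed sample content")
    return buf.getvalue()
```

Python's own `extractall` already strips `..` components. The explicit check matters for extraction routines that join entry names to a base directory themselves, and it turns a silently rewritten path into a rejected upload.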
Impact
- Denial of Service
- Gain Access
- Privileges Access
Indicators of Compromise
CVE
CVE-2025-40742
CVE-2025-40738
CVE-2025-40737
CVE-2025-40736
CVE-2025-40735
CVE-2025-40593
Affected Vendors
- Siemens
Affected Products
- Siemens SINEC NMS
- Siemens SIPROTEC 5 6MD89 (CP300)
- Siemens SIPROTEC 5 6MD85 (CP300)
- Siemens SIPROTEC 5 6MD84 (CP300)
- Siemens SIPROTEC 5 6MD86 (CP300)
- Siemens SIMATIC CN 4100
Remediation
Refer to the Siemens Security Advisory for patch, upgrade, or suggested workaround information.