CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-40556 |
Description: As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 7.1
ATTENTION: Exploitable from adjacent network/low attack complexity
Vendor: Siemens
Equipment: BACnet ATEC Devices
Vulnerability: Improper Input Validation
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker residing in the same BACnet network to send a specially crafted MSTP message that results in a denial of service condition of the targeted device.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports the following BACnet ATEC products are affected:
Siemens BACnet ATEC 550-440: All versions
Siemens BACnet ATEC 550-441: All versions
Siemens BACnet ATEC 550-445: All versions
Siemens BACnet ATEC 550-446: All versions
3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER INPUT VALIDATION CWE-20
Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the same BACnet network to send a specially crafted MSTP message that results in a denial of service condition of the targeted device. A power cycle is required to restore the device's normal operation.
CVE-2025-40556 has been assigned to this vulnerability. A CVSS v3.1 base score of 6...
CVSS: MEDIUM (6.5) EPSS Score: 0.02%
May 15th, 2025 (about 1 month ago)
|
|
CVE-2025-40555 |
Description: As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 5.3
ATTENTION: Exploitable from adjacent network/low attack complexity
Vendor: Siemens
Equipment: APOGEE PXC and TALON TC Series
Vulnerability: Expected Behavior Violation
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to cause a partial denial of service and reduce network availability.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports the following products are affected:
Siemens APOGEE PXC+TALON TC Series: All versions
3.2 VULNERABILITY OVERVIEW
3.2.1 EXPECTED BEHAVIOR VIOLATION CWE-440
The affected devices start sending unsolicited BACnet broadcast messages after processing a specific BACnet createObject request. This could allow an attacker residing in the same BACnet network to send a specially crafted message that results in a partial denial of service condition of the targeted device, and potentially reduce the availability of BACnet network. A power cycle is required to restore the device's normal operation.
CVE-2025-40555 has been assigned to this vulnerability. A CVSS v3.1 base score of 4.7 has been calculated; the CVSS vector string is (CVSS:3.1/AV:A/AC:L/PR:N/...
CVSS: MEDIUM (4.7) EPSS Score: 0.02%
May 15th, 2025 (about 1 month ago)
|
|
CVE-2024-51444 |
Description: As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 7.1
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: Polarion
Vulnerabilities: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), Improper Restriction of XML External Entity Reference, Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Observable Response Discrepancy
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow attackers to extract data, conduct cross-site scripting attacks or find out valid usernames.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports that the following products are affected:
Polarion V2310: All versions
Polarion V2404: Versions prior to V2404.4 (CVE-2024-51444, CVE-2024-51445, CVE-2024-51446)
Polarion V2404: Versions prior to V2404.2 (CVE-2024-51447)
3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN SQL COMMAND ('SQL INJECTION') CWE-89
The application insufficiently validates user input for database read queries. This could allow an authenticated remote attacker to conduct an SQL injection attack that bypasses authorization...
CVSS: MEDIUM (6.5) EPSS Score: 0.06%
May 15th, 2025 (about 1 month ago)
|
|
CVE-2025-31929 |
Description: As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 8.7
ATTENTION: Exploitable from adjacent network/low attack complexity
Vendor: Siemens
Equipment: VersiCharge AC Series EV Chargers
Vulnerabilities: Missing Immutable Root of Trust in Hardware, Initialization of a Resource with an Insecure Default
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to gain control of the chargers through default Modbus port or execute arbitrary code by manipulating the M0 firmware.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports that the following products are affected:
Siemens IEC 1Ph 7.4kW Child socket (8EM1310-2EH04-0GA0): All versions (CVE-2025-31929)
Siemens IEC 1Ph 7.4kW Parent socket (8EM1310-2EH04-3GA1): All versions prior to V2.135 (CVE-2025-31930)
Siemens IEC 1Ph 7.4kW Parent socket incl. SIM (8EM1310-2EH04-3GA2): All versions (CVE-2025-31929)
Siemens IEC 1Ph 7.4kW Parent socket incl. SIM (8EM1310-2EH04-3GA2): All versions prior to V2.135 (CVE-2025-31930)
Siemens IEC 1Ph 7.4kW Parent socket/ shutter (8EM1310-2EN04-3GA1): All versions (CVE-2025-31929)
Siemens IEC 1Ph 7.4kW Parent socket/ shutter (8EM1310-2EN04-3GA1): All versions ...
CVSS: MEDIUM (4.2) EPSS Score: 0.03%
May 15th, 2025 (about 1 month ago)
|
|
CVE-2025-40572 |
Description: As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 8.5
ATTENTION: Exploitable from adjacent network/low attack complexity
Vendor: Siemens
Equipment: SCALANCE LPE9403
Vulnerabilities: Incorrect Permission Assignment for Critical Resource, Path Traversal: '.../...//', Use of Uninitialized Variable, NULL Pointer Dereference, Out-of-bounds Read, Stack-based Buffer Overflow, Authentication Bypass Using an Alternate Path or Channel, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Cleartext Transmission of Sensitive Information
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could affect the confidentiality, integrity, and availability of affected devices.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports that the following products are affected:
SCALANCE LPE9403 (6GK5998-3GS00-2AC2): All versions (CVE-2025-40572, CVE-2025-40573, CVE-2025-40574, CVE-2025-40575, CVE-2025-40576, CVE-2025-40577, CVE-2025-40578, CVE-2025-40579, CVE-2025-40580)
SCALANCE LPE9403 (6GK5998-3GS00-2AC2): All versions (CVE-2025-40581, CVE-2025-40582, CVE-2025-40583)
3.2 VULNERABILITY OVERVIEW
3.2.1 INCORRECT PERMISSION ASSIGNMENT FOR ...
CVSS: MEDIUM (5.5) EPSS Score: 0.01%
May 15th, 2025 (about 1 month ago)
|
|
CVE-2025-4702 |
Description: A vulnerability, which was classified as critical, was found in PHPGurukul Vehicle Parking Management System 1.13. Affected is an unknown function of the file /admin/add-category.php. The manipulation of the argument catename leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Es wurde eine Schwachstelle in PHPGurukul Vehicle Parking Management System 1.13 gefunden. Sie wurde als kritisch eingestuft. Es betrifft eine unbekannte Funktion der Datei /admin/add-category.php. Durch Beeinflussen des Arguments catename mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (6.9) EPSS Score: 0.03%
May 15th, 2025 (about 1 month ago)
|
|
CVE-2025-4701 |
Description: A vulnerability, which was classified as problematic, has been found in VITA-MLLM Freeze-Omni up to 20250421. This issue affects the function torch.load of the file models/utils.py. The manipulation of the argument path leads to deserialization. It is possible to launch the attack on the local host. Eine Schwachstelle wurde in VITA-MLLM Freeze-Omni bis 20250421 entdeckt. Sie wurde als problematisch eingestuft. Hierbei geht es um die Funktion torch.load der Datei models/utils.py. Durch das Beeinflussen des Arguments path mit unbekannten Daten kann eine deserialization-Schwachstelle ausgenutzt werden. Umgesetzt werden muss der Angriff lokal.
CVSS: MEDIUM (4.8) EPSS Score: 0.02%
May 15th, 2025 (about 1 month ago)
|
|
CVE-2025-4699 |
Description: A vulnerability classified as critical was found in PHPGurukul Apartment Visitors Management System 1.0. This vulnerability affects unknown code of the file /admin/visitors-form.php. The manipulation of the argument Category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. In PHPGurukul Apartment Visitors Management System 1.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei /admin/visitors-form.php. Durch Manipulieren des Arguments Category mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (6.9) EPSS Score: 0.03%
May 15th, 2025 (about 1 month ago)
|
|
CVE-2025-4698 |
Description: A vulnerability classified as critical has been found in PHPGurukul Directory Management System 2.0. This affects an unknown part of the file /admin/forget-password.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Es wurde eine Schwachstelle in PHPGurukul Directory Management System 2.0 entdeckt. Sie wurde als kritisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Datei /admin/forget-password.php. Durch das Manipulieren des Arguments email mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (6.9) EPSS Score: 0.03%
May 15th, 2025 (about 1 month ago)
|
|
CVE-2025-46053 |
Description: A SQL Injection vulnerability in WebERP v4.15.2 allows attackers to execute arbitrary SQL commands and extract sensitive data by injecting a crafted payload into the ReportID and ReplaceReportID parameters within a POST request to /reportwriter/admin/ReportCreator.php
CVSS: MEDIUM (5.1) EPSS Score: 0.02%
May 15th, 2025 (about 1 month ago)
|