CVE-2025-40585
BaseFortify
Publication date: 2025-06-10
Last updated on: 2025-06-12
Assigner: Siemens AG
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-276 | During installation, installed file permissions are set to allow anyone to modify those files. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Siemens Energy Services solutions using the Elspec G5 Digital Fault Recorder (G5DFR) component, which contains default administrative credentials. An attacker with remote access can exploit these default credentials to gain full control over the G5DFR device and manipulate its outputs. This flaw is due to incorrect default permissions (CWE-276). [1]
How can this vulnerability impact me? :
If exploited, this vulnerability allows an attacker to take full control of the G5DFR device, enabling them to tamper with the device's outputs. This poses a severe risk to power system operations, potentially leading to incorrect fault recordings, disruption of power grid monitoring, and compromised grid resilience. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by identifying devices running the Siemens Energy Services solutions with the G5DFR component that still use default credentials. Detection involves scanning the network for G5DFR devices and attempting to access their web interface using default usernames and passwords. Specific commands are not provided in the available resources, but network scanning tools (e.g., nmap) can be used to find devices with open ports typical for G5DFR web interfaces, followed by manual or automated login attempts with default credentials. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include accessing the G5DFR web interface and changing all default usernames, passwords, and permission levels to secure values. Additionally, implement network security measures such as firewalls, network segmentation, and VPNs to restrict access to the device. Applying official security updates through Siemens tooling and procedures, validating updates before deployment, and ensuring supervision by trained personnel are also recommended. Contacting Siemens customer support for assistance is advised if needed. [1]