CVE-2025-40742
BaseFortify
Publication date: 2025-07-08
Last updated on: 2025-07-08
Assigner: Siemens AG
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| siemens | siprotec_5 | 7sl82 |
| siemens | siprotec_5 | 7ut82 |
| siemens | siprotec_5 | 7sk82 |
| siemens | siprotec_5 | 7sa82 |
| siemens | siprotec_5 | 6md85 |
| siemens | siprotec_5 | 7sa87 |
| siemens | siprotec_5 | 7vk87 |
| siemens | siprotec_5 | 6md89 |
| siemens | siprotec_5 | 7sd82 |
| siemens | siprotec_5 | 6md84 |
| siemens | siprotec_5 | 7vu85 |
| siemens | siprotec_5 | 7sj81 |
| siemens | siprotec_5 | 7ve85 |
| siemens | siprotec_5 | 6md86 |
| siemens | siprotec_5 | 7ke85 |
| siemens | siprotec_5 | 7sj82 |
| siemens | siprotec_5 | compact_7sx800 |
| siemens | siprotec_5 | 7sd86 |
| siemens | siprotec_5 | 7sa86 |
| siemens | siprotec_5 | 7um85 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-598 | The web application uses the HTTP GET method to process a request and includes sensitive information in the query string of that request. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects SIPROTEC 5 devices where session identifiers are included in URL requests for certain functionalities. Because these session identifiers appear in URLs, an attacker could retrieve sensitive session data from browser history, logs, or other storage mechanisms. This exposure could potentially lead to unauthorized access to sensitive session information. [1]
How can this vulnerability impact me?
The vulnerability can impact you by allowing an attacker to gain unauthorized access to sensitive session data. This could compromise the confidentiality of your sessions, potentially leading to unauthorized actions or access within the affected SIPROTEC 5 devices. However, the vulnerability does not affect the integrity or availability of the devices. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring network traffic and logs for URL requests that include session identifiers in query strings. Since the affected devices include session identifiers in URL requests, inspecting HTTP GET requests for sensitive session data exposure is key. Specific commands are not provided in the resources, but network administrators can use tools like Wireshark or tcpdump to capture HTTP traffic and grep or filter for URLs containing session identifiers. Additionally, reviewing browser history and server logs for URLs with session data can help identify exposure. [1]
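The log review described above, as an added example that is not taken from the Siemens advisory or from this page's sources: it scans web access-log lines for session-like query parameters and reports a hash of each value so the report does not leak the identifier a second time. The parameter-name pattern, the log format and the sample lines are assumptions constructed for illustration, since the page does not name the affected parameter.

```python
import hashlib
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption: the page does not name the affected parameter, so match
# common session-like names. Tune this to what your own capture shows.
SESSION_PARAM = re.compile(r"(^|[_-])(session|sess|sid|token)(id)?($|[_-])", re.I)
# Request line inside a Common/Combined Log Format entry.
REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample lines (documentation IPs, made-up paths and values).
SAMPLE_LOG = """\
192.0.2.10 - - [08/Jul/2025:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512
192.0.2.10 - - [08/Jul/2025:10:00:02 +0000] "GET /export?format=csv&sessionid=3f9a1c77e2 HTTP/1.1" 200 2048
192.0.2.11 - - [08/Jul/2025:10:00:05 +0000] "POST /login HTTP/1.1" 302 0
192.0.2.12 - - [08/Jul/2025:10:00:09 +0000] "GET /view?page=2&SID=abc123 HTTP/1.1" 200 900
"""


def redact(value):
    """Return a short SHA-256 tag so the report does not re-leak the identifier."""
    return "sha256:" + hashlib.sha256(value.encode()).hexdigest()[:12]


def find_session_ids_in_urls(log_text):
    """Return one finding per session-like query parameter seen in a request line."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        m = REQUEST.search(line)
        if not m:
            continue  # not a parsable request line
        url = urlsplit(m.group("target"))
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if SESSION_PARAM.search(name):
                findings.append({"line": lineno, "method": m.group("method"),
                                 "path": url.path, "param": name,
                                 "value": redact(value)})
    return findings


if __name__ == "__main__":
    for finding in find_session_ids_in_urls(SAMPLE_LOG):
        print(finding)
```

The same function can be run over proxy logs or over request lines exported from a packet capture, as long as each line contains a quoted `METHOD target HTTP/x.y` request line.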
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing multi-level redundant secondary protection schemes in critical power systems to maintain grid resilience, protecting network access using firewalls, network segmentation, and VPNs, and configuring the environment according to Siemens operational guidelines to maintain a secure IT environment. Operators should also supervise update processes and apply security updates once they become available. Since no patches are currently available, these defensive measures are essential to reduce risk. [1]