CVE-2025-40768
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-12
Last updated on: 2025-08-15
Assigner: Siemens AG
Description
Description
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application exposes an internal service port to be accessible from outside the system. This could allow an unauthorized attacker to access the application.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| siemens | sinec_traffic_analyzer | to 3.0 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
An unauthorized attacker could exploit this vulnerability to access the application remotely, which may lead to unauthorized information disclosure, modification, or disruption of service.
Can you explain this vulnerability to me?
This vulnerability exists in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) versions earlier than 3.0. The application exposes an internal service port that can be accessed from outside the system, potentially allowing an unauthorized attacker to gain access to the application.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70