CVE-2025-40803
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-09

Last updated on: 2025-10-03

Assigner: Siemens AG

Description
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The affected device exposes certain non-critical information from the device. This could allow an unauthenticated attacker to access sensitive data, potentially leading to a breach of confidentiality.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-09
Last Modified
2025-10-03
Generated
2026-06-16
AI Q&A
2025-09-09
EPSS Evaluated
2026-06-15
NVD
CVE-2025-40803
EUVD
EUVD-2025-27235
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
siemens ruggedcom_rst2428p_firmware *
siemens ruggedcom_rst2428p *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability affects the RUGGEDCOM RST2428P device and allows an unauthenticated attacker to access certain non-critical information from the device. Although the information is considered non-critical, it is sensitive and its exposure could lead to a breach of confidentiality.

Impact Analysis

The vulnerability could allow an unauthenticated attacker to access sensitive data from the device, potentially leading to a breach of confidentiality. This means that private or sensitive information could be exposed without authorization.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-40803. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart