Vulnerability Details CVE-2025-30176
A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound read buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.2%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2025-30176
-
cpe:2.3:a:siemens:simatic_pcs_neo:4.1
-
cpe:2.3:a:siemens:simatic_pcs_neo:5.0
-
cpe:2.3:a:siemens:sinec_nms:-
-
cpe:2.3:a:siemens:sinec_nms:1.0
-
cpe:2.3:a:siemens:sinec_nms:1.0.3
-
cpe:2.3:a:siemens:sinec_nms:2.0
-
cpe:2.3:a:siemens:sinec_nms:3.0
-
cpe:2.3:a:siemens:sinema_remote_connect:-
-
cpe:2.3:a:siemens:totally_integrated_automation_portal:17
-
cpe:2.3:a:siemens:totally_integrated_automation_portal:18
-
cpe:2.3:a:siemens:totally_integrated_automation_portal:19
-
cpe:2.3:a:siemens:totally_integrated_automation_portal:20
-
cpe:2.3:a:siemens:user_management_component:*