CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-40594

A vulnerability has been identified in SINAMICS G220 V6.4 (All versions < V6.4 HF2), SINAMICS S200 V6.4 (All versions), SINAMICS S210 V6.4 (All versions < V6.4 HF2). The affected devices allow a factory reset to be executed without the required privileges due to improper privilege management as well as manipulation of configuration data because of leaked privileges of previous sessions. This could allow an unauthorized attacker to escalate their privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 2.1%

CVSS Severity

CVSS v3 Score 6.3

References

https://cert-portal.siemens.com/productcert/html/ssa-027652.html

Products affected by CVE-2025-40594

Siemens » Sinamics G220 » Version: N/A

cpe:2.3:h:siemens:sinamics_g220:-
Siemens » Sinamics S200 » Version: N/A

cpe:2.3:h:siemens:sinamics_s200:-
Siemens » Sinamics S210 » Version: N/A

cpe:2.3:h:siemens:sinamics_s210:-
Siemens » Sinamics G220 Firmware » Version: 6.4

cpe:2.3:o:siemens:sinamics_g220_firmware:6.4
Siemens » Sinamics S200 Firmware » Version: 6.4

cpe:2.3:o:siemens:sinamics_s200_firmware:6.4
Siemens » Sinamics S210 Firmware » Version: 6.4

cpe:2.3:o:siemens:sinamics_s210_firmware:6.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-40594

Products

Pricing

Contact Us