CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-40773

A vulnerability has been identified in SiPass integrated (All versions < V3.0). Affected server applications contains a broken access control vulnerability. The authorization mechanism lacks sufficient server-side checks, allowing an attacker to execute a specific API request. Successful exploitation allows an attacker to potentially manipulate data belonging to other users.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.5%

CVSS Severity

CVSS v3 Score 3.5

References

https://cert-portal.siemens.com/productcert/html/ssa-599451.html

Products affected by CVE-2025-40773

Siemens » Sipass Integrated » Version: 2.65

cpe:2.3:a:siemens:sipass_integrated:2.65
Siemens » Sipass Integrated » Version: 2.76

cpe:2.3:a:siemens:sipass_integrated:2.76
Siemens » Sipass Integrated » Version: 2.80

cpe:2.3:a:siemens:sipass_integrated:2.80
Siemens » Sipass Integrated » Version: 2.85

cpe:2.3:a:siemens:sipass_integrated:2.85

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-40773

Products

Pricing

Contact Us