Unrated severityNVD Advisory· Published May 13, 2025· Updated Jul 8, 2025

CVE-2025-30174

Description

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound read buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.

Affected products

Siemens Foundation/Simatic Pcs7llm-fuzzy
Range: = V4.1, = V5.0
Siemens Foundation/Sinec Nmsllm-fuzzy2 versions
< V4.0+ 1 more
- (no CPE)range: < V4.0
- (no CPE)range: 0
Siemens Foundation/User Management Componentllm-fuzzy2 versions
< V2.15.1.1+ 1 more
- (no CPE)range: < V2.15.1.1
- (no CPE)range: 0
Siemens/SIMATIC PCS neo V4.1v5
Range: 0
Siemens/SIMATIC PCS neo V5.0v5
Range: 0
Siemens Foundation/Sinema Remote Connect Servercpe-rescue
Range: 0
Siemens Foundation/Totally Integrated Automation Portal (TIA Portal)cpe-rescue4 versions
0+ 3 more
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cert-portal.siemens.com/productcert/html/ssa-614723.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000