High severity7.5NVD Advisory· Published Sep 9, 2025· Updated Jun 9, 2026
CVE-2025-40798
CVE-2025-40798
Description
A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SIMATIC PCS neo V6.0 (All versions < V6.0 SP1 Update 1), User Management Component (UMC) (All versions < V2.15.1.3). Affected products contain a out-of-bounds read vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:siemens:simatic_pcs_neo:4.1:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:siemens:simatic_pcs_neo:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:simatic_pcs_neo:5.0:*:*:*:*:*:*:*
- (no CPE)
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
cpe:2.3:a:siemens:user_management_component:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:siemens:user_management_component:*:*:*:*:*:*:*:*range: <2.15.1.3
- (no CPE)range: < V2.15.1.3
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1- cert-portal.siemens.com/productcert/html/ssa-722410.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.