VYPR
High severity7.5NVD Advisory· Published Sep 9, 2025· Updated Jun 9, 2026

CVE-2025-40798

CVE-2025-40798

Description

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SIMATIC PCS neo V6.0 (All versions < V6.0 SP1 Update 1), User Management Component (UMC) (All versions < V2.15.1.3). Affected products contain a out-of-bounds read vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • cpe:2.3:a:siemens:simatic_pcs_neo:4.1:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:siemens:simatic_pcs_neo:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:siemens:simatic_pcs_neo:5.0:*:*:*:*:*:*:*
    • (no CPE)
    • (no CPE)range: 0
    • (no CPE)range: 0
    • (no CPE)range: 0
  • cpe:2.3:a:siemens:user_management_component:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:siemens:user_management_component:*:*:*:*:*:*:*:*range: <2.15.1.3
    • (no CPE)range: < V2.15.1.3
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.