Unrated severityNVD Advisory· Published Dec 9, 2025· Updated Dec 9, 2025

CVE-2025-40938

Description

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected device stores sensitive information in the firmware. This could allow an attacker to access and misuse this information, potentially impacting the device’s confidentiality, integrity, and availability.

Affected products

Siemens Foundation/SIMATIC CN 4100llm-fuzzy
Range: < V4.0.1
Siemens/SIMATIC CN 4100v5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cert-portal.siemens.com/productcert/html/ssa-416652.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000