Unrated severityNVD Advisory· Published Mar 10, 2026· Updated Mar 19, 2026
CVE-2025-40943
CVE-2025-40943
Description
Affected devices do not properly sanitize contents of trace files.
This could allow an attacker to inject code through social engineering an authorized user, who has the function right "Read diagnostics", to import a specially crafted trace file.
The malicious trace file is insufficiently sanitized and malicious code could be executed in the clients browser session and trigger PLC operations via the webserver that the legitimate user is authorized to perform.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1050+ 1 more
- (no CPE)range: 0
- (no CPE)range: 0
0+ 6 more
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- Siemens/SIMATIC ET 200SP CPU 1510SP F-1 PNv5Range: 0
- Siemens/SIMATIC ET 200SP CPU 1512SP-1 PNv5Range: 0
- Siemens/SIMATIC ET 200SP CPU 1512SP F-1 PNv5Range: 0
0+ 10 more
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- Siemens/SIMATIC ET 200SP CPU 1514SP F-2 PNv5Range: 0
- Siemens/SIMATIC ET 200SP CPU 1514SPT-2 PNv5Range: 0
- Siemens/SIMATIC ET 200SP CPU 1514SPT F-2 PNv5Range: 0
- Siemens Foundation/SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)cpe-rescue7 versions
0+ 6 more
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
0+ 1 more
- (no CPE)range: 0
- (no CPE)range: 0
0+ 16 more
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
0+ 1 more
- (no CPE)range: 0
- (no CPE)range: 0
0+ 4 more
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
0+ 3 more
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- Siemens/SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PNv5Range: 0
- Siemens/SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PNv5Range: 0
0+ 15 more
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- Range: 0
- Siemens/SIPLUS ET 200SP CPU 1510SP-1 PNv5Range: 0
0+ 2 more
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
- Siemens/SIPLUS ET 200SP CPU 1510SP F-1 PNv5Range: 0
- Siemens/SIPLUS ET 200SP CPU 1510SP F-1 PN RAILv5Range: 0
- Siemens/SIPLUS ET 200SP CPU 1512SP-1 PNv5Range: 0
- Siemens/SIPLUS ET 200SP CPU 1512SP F-1 PNv5Range: 0
- Siemens/SIPLUS S7-1500 CPU 1511-1 PNv5Range: 0
- Siemens/SIPLUS S7-1500 CPU 1511-1 PN T1 RAILv5Range: 0
- Siemens/SIPLUS S7-1500 CPU 1511-1 PN TX RAILv5Range: 0
- Siemens/SIPLUS S7-1500 CPU 1511F-1 PNv5Range: 0
- Siemens/SIPLUS S7-1500 CPU 1513-1 PNv5Range: 0
- Siemens/SIPLUS S7-1500 CPU 1513F-1 PNv5Range: 0
- Siemens/SIPLUS S7-1500 CPU 1515F-2 PNv5Range: 0
- Siemens/SIPLUS S7-1500 CPU 1515F-2 PN RAILv5Range: 0
- Siemens/SIPLUS S7-1500 CPU 1515F-2 PN T2 RAILv5Range: 0
- Siemens/SIPLUS S7-1500 CPU 1516-3 PN/DP RAILv5Range: 0
- Siemens/SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAILv5Range: 0
- Siemens/SIPLUS S7-1500 CPU 1516F-3 PN/DP RAILv5Range: 0
0+ 2 more
- (no CPE)range: 0
- (no CPE)range: 0
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.