CVE-2025-30175

CWE-787 — Out-of-bounds Write3 documents3 sources

Severity

8.7HIGH

EPSS

0.3%

top 51.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Simatic PCS NEO V4.1 Siemens Simatic PCS NEO V5.0 Siemens Sinec NMS +9 more

Timeline

PublishedMay 13

Description

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All…

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages13 packages

▶CVEListV5siemens/totally_integrated_automation_portal_(tia_portal)_v17< *

▶CVEListV5siemens/totally_integrated_automation_portal_(tia_portal)_v18< *

▶CVEListV5siemens/totally_integrated_automation_portal_(tia_portal)_v19< *

▶CVEListV5siemens/totally_integrated_automation_portal_(tia_portal)_v20< *

▶NVDsiemens/totally_integrated_automation_portal4 versions+3

🔴Vulnerability Details

GHSA

GHSA-p7rr-mpvr-c5pf: A vulnerability has been identified in SIMATIC PCS neo V4↗2025-05-13

▶

CVEList

CVE-2025-30175: A vulnerability has been identified in SIMATIC PCS neo V4↗2025-05-13

▶