CVE-2025-40585
published 2025-06-10


Priority: P2 67 · critical · 9.9 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:C / C:L / I:H / A:L
EPSS: 0.33% (24.4th percentile)
A vulnerability has been identified in Energy Services (All versions with G5DFR). Affected solutions using G5DFR contain default credentials. This could allow an attacker to gain control of G5DFR component and tamper with outputs from the device.

Affected

1 range

Vendor  | Product         | Version range | Fixed in
siemens | energy_services | < **          | none

Detection & IOCs (extracted from sources)

  • Detect exploitation attempts targeting G5DFR component via default credentials over the network (unauthenticated, no user interaction required, network-accessible)
  • Monitor G5DFR web interface for login attempts using default/unchanged usernames and passwords, especially from external or unexpected IP addresses
  • Alert on remote network access to Energy Services G5DFR devices that are internet-exposed; CVSS v3 score 9.9 with AV:N/AC:L/PR:N/UI:N indicates unauthenticated remote exploitation with no prerequisites
  • All versions of Siemens Energy Services using the G5DFR component are affected; no patched version is identified — mitigation relies solely on manual credential changes via the G5DFR web interface
  • No known public exploitation has been reported at time of advisory publication, but the vulnerability is remotely exploitable with low attack complexity and no authentication required

CVSS provenance

Source | Version | Score | Severity | Vector
nvd    | v3.1    | 9.9   | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L
nvd    | v4.0    | 9.5   | CRITICAL | CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X