CVE-2025-40765
published 2025-10-14CVE-2025-40765: A vulnerability has been identified in TeleControl Server Basic V3.1 (All versions >= V3.1.2.2 < V3.1.2.3). The affected application contains an information…
PriorityP259critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.51%
39.5th percentile
A vulnerability has been identified in TeleControl Server Basic V3.1 (All versions >= V3.1.2.2 < V3.1.2.3). The affected application contains an information disclosure vulnerability. This could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform authenticated operations of the database service.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | telecontrol_server_basic | — | — |
| siemens | telecontrol_server_basic_v3.1 | >= V3.1.2.2 < V3.1.2.3 | V3.1.2.3 |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for unauthenticated remote connections to the TeleControl Server Basic database service on port 8000, which may indicate exploitation attempts to retrieve password hashes or perform unauthorized database operations. ↗
- →Alert on any external or untrusted IP addresses communicating with port 8000 on TeleControl Server Basic V3.1 systems (versions >= V3.1.2.2 < V3.1.2.3), as the vulnerability is exploitable remotely with low attack complexity and no authentication required. ↗
- ·The vulnerability (CWE-306: Missing Authentication for Critical Function) affects only TeleControl Server Basic V3.1 versions >= V3.1.2.2 and < V3.1.2.3. Systems outside this version range are not affected by this specific CVE. ↗
- ·No public exploit has been reported for this vulnerability at the time of advisory publication, but the CVSS v3.1 score is 9.8 (Critical) and CVSS v4 score is 9.3, indicating high exploitability if exposed. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv4.09.3CRITICALCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Siemens TeleControl Server Basic
cisa_ics·2025-10-16·CVSS 9.8
[CRITICAL] Siemens TeleControl Server Basic
ICS Advisory
##
Siemens TeleControl Server Basic
Release DateOctober 16, 2025
Alert CodeICSA-25-289-09
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: TeleControl Server Basic
- Vulnerability: Missing Authentication for Critical Function
## 2. RISK EVALUATION
Successful exp
GHSA
GHSA-qp9r-4cqh-77h3: A vulnerability has been identified in TeleControl Server Basic V3
ghsa_unreviewed·2025-10-14
CVE-2025-40765 [CRITICAL] CWE-306 GHSA-qp9r-4cqh-77h3: A vulnerability has been identified in TeleControl Server Basic V3
A vulnerability has been identified in TeleControl Server Basic V3.1 (All versions >= V3.1.2.2 < V3.1.2.3). The affected application contains an information disclosure vulnerability. This could allow an unauthenticated remote attacker to obtain password hashes of users and to login to and perform authenticated operations of the database service.
No detection rules found.
No public exploits indexed.
2025-10-14
Published