CVE-2025-40804
published 2025-09-09CVE-2025-40804: A vulnerability has been identified in SIMATIC Virtualization as a Service (SIVaaS) (All versions). The affected application exposes a network share without…
PriorityP265critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
EPSS
0.38%
30.3th percentile
A vulnerability has been identified in SIMATIC Virtualization as a Service (SIVaaS) (All versions). The affected application exposes a network share without any authentication. This could allow an attacker to access or alter sensitive data without proper authorization.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | simatic_virtualization_as_a_service | < * | * |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect unauthenticated access to exposed network shares on SIVaaS systems — the vulnerability exposes a network share without any authentication, enabling remote read/write of sensitive data ↗
- →Monitor for unauthenticated SMB/NFS/network share enumeration or access attempts targeting SIVaaS hosts, particularly from external or untrusted network segments (CVSS AV:N, PR:N — no authentication required, remotely exploitable) ↗
- →Alert on any network share access to SIVaaS systems originating from hosts outside the expected operational network; no credentials are required to exploit this vulnerability ↗
- ·All versions of SIMATIC Virtualization as a Service (SIVaaS) are affected; there is no patched version available — vendor advises contacting Technical Support for assistance ↗
- ·No known public exploitation has been reported at time of advisory publication, but the attack requires no authentication and is remotely exploitable with low complexity ↗
CVSS provenance
nvdv3.19.1CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
nvdv4.09.3CRITICALCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Siemens SIMATIC Virtualization as a Service (SIVaaS)
cisa_ics·2025-09-11·CVSS 9.1
[CRITICAL] Siemens SIMATIC Virtualization as a Service (SIVaaS)
ICS Advisory
##
Siemens SIMATIC Virtualization as a Service (SIVaaS)
Release DateSeptember 11, 2025
Alert CodeICSA-25-254-02
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIVaaS
- Vulnerability: Incorrect Permission Assignment for Critical Resource
## 2. RISK EVALUATION
S
GHSA
GHSA-5vcx-8m3x-7jmf: A vulnerability has been identified in SIMATIC Virtualization as a Service (SIVaaS) (All versions)
ghsa_unreviewed·2025-09-09
CVE-2025-40804 [CRITICAL] CWE-732 GHSA-5vcx-8m3x-7jmf: A vulnerability has been identified in SIMATIC Virtualization as a Service (SIVaaS) (All versions)
A vulnerability has been identified in SIMATIC Virtualization as a Service (SIVaaS) (All versions). The affected application exposes a network share without any authentication. This could allow an attacker to access or alter sensitive data without proper authorization.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-09-09
Published