CVE-2025-40939
published 2025-12-09CVE-2025-40939: A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected device contains a USB port which allows unauthenticated…
medium5.1CVSS 4.0
AVPACLATNPRNUINVCNVINVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected device contains a USB port which allows unauthenticated connections. This could allow an attacker with physical access to the device to trigger reboot that could cause denial of service condition.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | simatic_cn_4100 | < V4.0.1 | V4.0.1 |
| siemens | simatic_cn_4100_firmware | < 4.0.1 | 4.0.1 |