CVE-2025-40941
published 2025-12-09CVE-2025-40941: A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected devices exposes server information in its responses. This could…
medium5.3CVSS 4.0
AVNACLATNPRLUINVCLVINVANSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected devices exposes server information in its responses.
This could allow an attacker with network access to gain useful information, increasing the likelihood of targeted attacks.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | simatic_cn_4100 | < V4.0.1 | V4.0.1 |
| siemens | simatic_cn_4100_firmware | < 4.0.1 | 4.0.1 |