CVE-2025-40943 — Eval Injection in Siemens Simatic Drive Controller CPU 1504d TF

CWE-95 — Eval Injection CWE-79 — Cross-site Scripting3 documents3 sources

Severity

9.4CRITICALNVD

EPSS

0.0%

top 85.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

105

Siemens Simatic Drive Controller CPU 1504d TF Siemens Simatic Drive Controller CPU 1507d TF Siemens Simatic ET 200sp CPU 1510sp-1 PN +102 more

Timeline

PublishedMar 10

Description

Affected devices do not properly sanitize contents of trace files. This could allow an attacker to inject code through social engineering an authorized user, who has the function right "Read diagnostics", to import a specially crafted trace file. The malicious trace file is insufficiently sanitized and malicious code could be executed in the clients browser session and trigger PLC operations via the webserver that the legitimate user is authorized to perform.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Affected Packages105 packages

▶CVEListV5siemens/simatic_s7-plcsim_advanced< *

▶CVEListV5siemens/siplus_s7-1500_cpu_1511-1_pn< *

▶CVEListV5siemens/siplus_s7-1500_cpu_1513-1_pn< *

▶CVEListV5siemens/simatic_s7-1500_cpu_1511-1_pn< *+1

▶CVEListV5siemens/simatic_s7-1500_cpu_1513-1_pn< *+1

🔴Vulnerability Details

CVEList

CVE-2025-40943: Affected devices do not properly sanitize contents of trace files↗2026-03-10

▶

GHSA

GHSA-v7h2-5j7f-whwh: Affected devices do not properly sanitize contents of trace files↗2026-03-10

▶