CVE-2025-40943
published 2026-03-10CVE-2025-40943: Affected devices do not properly sanitize contents of trace files. This could allow an attacker to inject code through social engineering an authorized user…
critical9.4CVSS 4.0
AVNACLATNPRNUIPVCHVIHVAHSCHSIHSAHEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
Affected devices do not properly sanitize contents of trace files.
This could allow an attacker to inject code through social engineering an authorized user, who has the function right "Read diagnostics", to import a specially crafted trace file.
The malicious trace file is insufficiently sanitized and malicious code could be executed in the clients browser session and trigger PLC operations via the webserver that the legitimate user is authorized to perform.
Affected
122 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | simatic_drive_controller_cpu_1504d_tf | < V3.1.6 | V3.1.6 |
| siemens | simatic_drive_controller_cpu_1507d_tf | < V3.1.6 | V3.1.6 |
| siemens | simatic_et_200sp_cpu_1510sp-1_pn | < V2.9.9 | V2.9.9 |
| siemens | simatic_et_200sp_cpu_1510sp-1_pn | < V4.1.2 | V4.1.2 |
| siemens | simatic_et_200sp_cpu_1510sp_f-1_pn | < V2.9.9 | V2.9.9 |
| siemens | simatic_et_200sp_cpu_1510sp_f-1_pn | < V4.1.2 | V4.1.2 |
| siemens | simatic_et_200sp_cpu_1512sp-1_pn | < V2.9.9 | V2.9.9 |
| siemens | simatic_et_200sp_cpu_1512sp-1_pn | < V4.1.2 | V4.1.2 |
| siemens | simatic_et_200sp_cpu_1512sp_f-1_pn | < V2.9.9 | V2.9.9 |
| siemens | simatic_et_200sp_cpu_1512sp_f-1_pn | < V4.1.2 | V4.1.2 |
| siemens | simatic_et_200sp_cpu_1514sp-2_pn | < V4.1.2 | V4.1.2 |
| siemens | simatic_et_200sp_cpu_1514sp_f-2_pn | < V4.1.2 | V4.1.2 |
| siemens | simatic_et_200sp_cpu_1514spt-2_pn | < V4.1.2 | V4.1.2 |
| siemens | simatic_et_200sp_cpu_1514spt_f-2_pn | < V4.1.2 | V4.1.2 |
| siemens | simatic_et_200sp_open_controller_cpu_1515sp_pc | < * | * |
| siemens | simatic_et_200sp_open_controller_cpu_1515sp_pc2_v2_cpus_windows_os | < * | * |
| siemens | simatic_et_200sp_open_controller_cpu_1515sp_pc2_v3_cpus_industrial_os | < * | * |
| siemens | simatic_et_200sp_open_controller_cpu_1515sp_pc2_v3_cpus_windows_os | < * | * |
| siemens | simatic_et_200sp_open_controller_cpu_1515sp_pc3_v4_cpus | < * | * |
| siemens | simatic_s7-1500_cpu_1511-1_pn | < * | * |
| siemens | simatic_s7-1500_cpu_1511-1_pn | < V2.9.9 | V2.9.9 |
| siemens | simatic_s7-1500_cpu_1511-1_pn | < V4.1.2 | V4.1.2 |
| siemens | simatic_s7-1500_cpu_1511c-1_pn | < V2.9.9 | V2.9.9 |
| siemens | simatic_s7-1500_cpu_1511c-1_pn | < V4.1.2 | V4.1.2 |
| siemens | simatic_s7-1500_cpu_1511f-1_pn | < V2.9.9 | V2.9.9 |