CVE-2025-40944 — Uncontrolled Resource Consumption in Siemens Simatic ET 200al IM 157-1 PN

CWE-400 — Uncontrolled Resource Consumption3 documents3 sources

Severity

8.7HIGHNVD

EPSS

0.0%

top 94.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Simatic ET 200al IM 157-1 PN Siemens Simatic ET 200mp IM 155-5 PN HF Siemens Simatic ET 200sp IM 155-6 MF HF +12 more

Timeline

PublishedJan 13

Description

A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0) (All versions), SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA00-0AC0) (All versions >= V4.2.0), SIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0) (All versions), SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants) (All versions = V4.2.0), SIMATIC ET 200SP IM 155-6 PN/3 HF (6ES7155-6AU30-0CN0) (All versions = V4.2.0), SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-7AC0) (All versions >= V4.2.0), SIPLUS E…

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages15 packages

▶CVEListV5siemens/siplus_et_200sp_im_155-6_pn_hf_t1_railV4.2.0 — *

▶CVEListV5siemens/siplus_et_200sp_im_155-6_pn_hf_tx_railV4.2.0 — *

▶CVEListV5siemens/siplus_et_200sp_im_155-6_pn_hfV4.2.0 — *

▶CVEListV5siemens/siplus_et_200mp_im_155-5_pn_hf_t1_railV4.2.0 — *

▶CVEListV5siemens/simatic_et_200sp_im_155-6_mf_hf< *

🔴Vulnerability Details

GHSA

GHSA-vqmm-3555-wq2q: A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0) (All versions), SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA0↗2026-01-13

▶

CVEList

CVE-2025-40944: A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0) (All versions), SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA0↗2026-01-13

▶