CVE-2025-40808 - Vulnerability Details

A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions), SIPROTEC 5 6MD89 (CP300) (All versions), SIPROTEC 5 6MU85 (CP300) (All versions), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions), SIPROTEC 5 7ST86 (CP300) (All versions), SIPROTEC 5 7SX82 (CP150) (All versions), SIPROTEC 5 7SX85 (CP300) (All versions), SIPROTEC 5 7SY82 (CP150) (All versions), SIPROTEC 5 7UM85 (CP300) (All versions), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions), SIPROTEC 5 7VE85 (CP300) (All versions), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions), SIPROTEC 5 7VU85 (CP300) (All versions), SIPROTEC 5 Compact 7SX800 (CP050) (All versions). The affected application allows authenticated users to upload arbitrary files using DIGSI 5 protocol. This could allow an attacker to upload malicious configuration files, that could cause denial of service condition and potentially lead to code execution.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Siemens	Siprotec 5 6md84 Siprotec 5 6md85 Siprotec 5 6md86 Siprotec 5 6md89 Siprotec 5 6mu85 Siprotec 5 7ke85 Siprotec 5 7sa82 Siprotec 5 7sa86 Siprotec 5 7sa87 Siprotec 5 7sd82 Siprotec 5 7sd86 Siprotec 5 7sd87 Siprotec 5 7sj81 Siprotec 5 7sj82 Siprotec 5 7sj85 Siprotec 5 7sj86 Siprotec 5 7sk82 Siprotec 5 7sk85 Siprotec 5 7sl82 Siprotec 5 7sl86 Siprotec 5 7sl87 Siprotec 5 7ss85 Siprotec 5 7st85 Siprotec 5 7st86 Siprotec 5 7sx82 Siprotec 5 7sx85 Siprotec 5 7sy82 Siprotec 5 7um85 Siprotec 5 7ut82 Siprotec 5 7ut85 Siprotec 5 7ut86 Siprotec 5 7ut87 Siprotec 5 7ve85 Siprotec 5 7vk87 Siprotec 5 7vu85 Siprotec 5 Compact 7sx800

No data.

References

Link	Providers
https://cert-portal.siemens.com/productcert/html/ssa-139483.html

History

Tue, 09 Jun 2026 20:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Siemens Siemens siprotec 5 6md84 Siemens siprotec 5 6md85 Siemens siprotec 5 6md86 Siemens siprotec 5 6md89 Siemens siprotec 5 6mu85 Siemens siprotec 5 7ke85 Siemens siprotec 5 7sa82 Siemens siprotec 5 7sa86 Siemens siprotec 5 7sa87 Siemens siprotec 5 7sd82 Siemens siprotec 5 7sd86 Siemens siprotec 5 7sd87 Siemens siprotec 5 7sj81 Siemens siprotec 5 7sj82 Siemens siprotec 5 7sj85 Siemens siprotec 5 7sj86 Siemens siprotec 5 7sk82 Siemens siprotec 5 7sk85 Siemens siprotec 5 7sl82 Siemens siprotec 5 7sl86 Siemens siprotec 5 7sl87 Siemens siprotec 5 7ss85 Siemens siprotec 5 7st85 Siemens siprotec 5 7st86 Siemens siprotec 5 7sx82 Siemens siprotec 5 7sx85 Siemens siprotec 5 7sy82 Siemens siprotec 5 7um85 Siemens siprotec 5 7ut82 Siemens siprotec 5 7ut85 Siemens siprotec 5 7ut86 Siemens siprotec 5 7ut87 Siemens siprotec 5 7ve85 Siemens siprotec 5 7vk87 Siemens siprotec 5 7vu85 Siemens siprotec 5 Compact 7sx800
Vendors & Products		Siemens Siemens siprotec 5 6md84 Siemens siprotec 5 6md85 Siemens siprotec 5 6md86 Siemens siprotec 5 6md89 Siemens siprotec 5 6mu85 Siemens siprotec 5 7ke85 Siemens siprotec 5 7sa82 Siemens siprotec 5 7sa86 Siemens siprotec 5 7sa87 Siemens siprotec 5 7sd82 Siemens siprotec 5 7sd86 Siemens siprotec 5 7sd87 Siemens siprotec 5 7sj81 Siemens siprotec 5 7sj82 Siemens siprotec 5 7sj85 Siemens siprotec 5 7sj86 Siemens siprotec 5 7sk82 Siemens siprotec 5 7sk85 Siemens siprotec 5 7sl82 Siemens siprotec 5 7sl86 Siemens siprotec 5 7sl87 Siemens siprotec 5 7ss85 Siemens siprotec 5 7st85 Siemens siprotec 5 7st86 Siemens siprotec 5 7sx82 Siemens siprotec 5 7sx85 Siemens siprotec 5 7sy82 Siemens siprotec 5 7um85 Siemens siprotec 5 7ut82 Siemens siprotec 5 7ut85 Siemens siprotec 5 7ut86 Siemens siprotec 5 7ut87 Siemens siprotec 5 7ve85 Siemens siprotec 5 7vk87 Siemens siprotec 5 7vu85 Siemens siprotec 5 Compact 7sx800

Tue, 09 Jun 2026 11:45:00 +0000

Type	Values Removed	Values Added
Title		Authenticated File Upload Allowing Arbitrary Files via DIGSI 5

Tue, 09 Jun 2026 10:15:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions), SIPROTEC 5 6MD89 (CP300) (All versions), SIPROTEC 5 6MU85 (CP300) (All versions), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions), SIPROTEC 5 7ST86 (CP300) (All versions), SIPROTEC 5 7SX82 (CP150) (All versions), SIPROTEC 5 7SX85 (CP300) (All versions), SIPROTEC 5 7SY82 (CP150) (All versions), SIPROTEC 5 7UM85 (CP300) (All versions), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions), SIPROTEC 5 7VE85 (CP300) (All versions), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions), SIPROTEC 5 7VU85 (CP300) (All versions), SIPROTEC 5 Compact 7SX800 (CP050) (All versions). The affected application allows authenticated users to upload arbitrary files using DIGSI 5 protocol. This could allow an attacker to upload malicious configuration files, that could cause denial of service condition and potentially lead to code execution.
Weaknesses		CWE-434
References		https://cert-portal.siemens.com/productcert/html/ssa-139483.html
Metrics		cvssV3_1 `{'score': 6.1, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H'}` cvssV4_0 `{'score': 6.9, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2026-06-09T08:46:49.158Z

Updated: 2026-06-09T14:22:32.677Z

Reserved: 2025-04-16T08:50:26.973Z

Link: CVE-2025-40808

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-06-09T10:16:35.807

Modified: 2026-06-09T13:49:39.993

Link: CVE-2025-40808

Redhat

No data.

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object