CVE 7.8 HIGH

CVE-2025-40767_CVE-2025-40767

August 12, 2025 invoker category_cve

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Description

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate security controls to enforce isolation. This could allow an attacker to gain elevated access, potentially accessing sensitive host system resources.

AI Analysis

The vulnerability in SINEC Traffic Analyzer allows attackers to bypass container isolation, potentially gaining elevated access to host system resources due to inadequate security controls in Docker container execution.

Basic Information

ID CVE-2025-40767

Source siemens

Published Aug 12, 2025 at 11:17

Modified Aug 12, 2025 at 13:37

Affected Product

Vendor Siemens

Product SINEC Traffic Analyzer

Affected Versions Siemens SINEC Traffic Analyzer 0

CWE Classification

CWE-250

AI Assessment

AI Score 7.8 / 10

AI Severity HIGH

Vendor Siemens

Product SINEC Traffic Analyzer

Version All versions < V3.0

References

cert-portal.siemens.com /productcert/html/ssa-517338.html

{
    "lastseen": "",
    "description": "A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate security controls to enforce isolation. This could allow an attacker to gain elevated access, potentially accessing sensitive host system resources.",
    "published": "2025-08-12T11:17:17.311Z",
    "modified": "2025-08-12T13:37:52.705Z",
    "type": "cve",
    "title": "CVE-2025-40767",
    "source": "siemens",
    "references": "https://cert-portal.siemens.com/productcert/html/ssa-517338.html",
    "id": "CVE-2025-40767",
    "bulletinFamily": "",
    "cwe": [
        "CWE-250"
    ],
    "cvelist": null,
    "sourceData": "Siemens SINEC Traffic Analyzer 0",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SINEC Traffic Analyzer",
    "version": "0",
    "vendor": "Siemens",
    "ai_description": "The vulnerability in SINEC Traffic Analyzer allows attackers to bypass container isolation, potentially gaining elevated access to host system resources due to inadequate security controls in Docker container execution.",
    "ai_severity": "HIGH",
    "ai_vendor": "Siemens",
    "ai_product": "SINEC Traffic Analyzer",
    "ai_version": "All versions < V3.0",
    "ai_score": 7.8
}

💭 Join the Security Discussion ❌ Cancel Reply