CVE-2025-40831_CVE-2025-40831

6.5 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Description

A vulnerability has been identified in SINEC Security Monitor (All versions < V4.10.0). The affected application lacks input validation of date parameter in report generation functionality. This could allow an authenticated, lowly privileged attacker to cause denial of service condition of the report functionality.

Basic Information

ID CVE-2025-40831

Source siemens

Published Dec 9, 2025 at 10:44

Affected Product

Vendor Siemens

Product SINEC Security Monitor

Affected Versions Siemens SINEC Security Monitor 0

CWE Classification

CWE-20

References

cert-portal.siemens.com /productcert/html/ssa-882673.html

{
    "lastseen": "",
    "description": "A vulnerability has been identified in SINEC Security Monitor (All versions < V4.10.0). The affected application lacks input validation of date parameter in report generation functionality. This could allow an authenticated, lowly privileged attacker to cause denial of service condition of the report functionality.",
    "published": "2025-12-09T10:44:33.449Z",
    "modified": "2025-12-09T10:44:33.449Z",
    "type": "cve",
    "title": "CVE-2025-40831",
    "source": "siemens",
    "references": "https://cert-portal.siemens.com/productcert/html/ssa-882673.html",
    "id": "CVE-2025-40831",
    "bulletinFamily": "",
    "cwe": [
        "CWE-20"
    ],
    "cvelist": null,
    "sourceData": "Siemens SINEC Security Monitor 0",
    "sourceHref": "",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SINEC Security Monitor",
    "version": "0",
    "vendor": "Siemens",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}