CVE 8.8 HIGH

CVE-2025-40942_CVE-2025-40942

January 13, 2026 invoker category_cve

8.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Description

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.4). Affected application contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges.

AI Analysis

Local privilege escalation vulnerability allowing an attacker to run arbitrary code with elevated privileges

Basic Information

ID CVE-2025-40942

Source siemens

Published Jan 13, 2026 at 09:44

Affected Product

Vendor Siemens

Product TeleControl Server Basic

Affected Versions Siemens TeleControl Server Basic 0

CWE Classification

CWE-250

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Siemens

Product TeleControl Server Basic

Version All versions < V3.1.2.4

References

cert-portal.siemens.com /productcert/html/ssa-192617.html

{
    "lastseen": "",
    "description": "A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.4). Affected application contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges.",
    "published": "2026-01-13T09:44:04.669Z",
    "modified": "2026-01-13T09:44:04.669Z",
    "type": "cve",
    "title": "CVE-2025-40942",
    "source": "siemens",
    "references": "https://cert-portal.siemens.com/productcert/html/ssa-192617.html",
    "id": "CVE-2025-40942",
    "bulletinFamily": "",
    "cwe": [
        "CWE-250"
    ],
    "cvelist": null,
    "sourceData": "Siemens TeleControl Server Basic 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "TeleControl Server Basic",
    "version": "0",
    "vendor": "Siemens",
    "ai_description": "Local privilege escalation vulnerability allowing an attacker to run arbitrary code with elevated privileges",
    "ai_severity": "High",
    "ai_vendor": "Siemens",
    "ai_product": "TeleControl Server Basic",
    "ai_version": "All versions < V3.1.2.4",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply