CVE 6.1 MEDIUM

CVE-2025-40808_CVE-2025-40808

June 9, 2026 invoker category_cve
6.1 / 10
MEDIUM
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Description

A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions), SIPROTEC 5 6MD89 (CP300) (All versions), SIPROTEC 5 6MU85 (CP300) (All versions), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions), SIPROTEC 5 7ST86 (CP300) (All versions), SIPROTEC 5 7SX82 (CP150) (All versions), SIPROTEC 5 7SX85 (CP300) (All versions), SIPROTEC 5 7SY82 (CP150) (All versions), SIPROTEC 5 7UM85 (CP300) (All versions), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions), SIPROTEC 5 7VE85 (CP300) (All versions), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions), SIPROTEC 5 7VU85 (CP300) (All versions), SIPROTEC 5 Compact 7SX800 (CP050) (All versions). The affected application allows authenticated users to upload arbitrary files using DIGSI 5 protocol. This could allow an attacker to upload malicious configuration files, that could cause denial of service condition and potentially lead to code execution.

Basic Information

ID CVE-2025-40808
Source siemens
Published Jun 9, 2026 at 08:46

Affected Product

Vendor Siemens
Product SIPROTEC 5 6MD84 (CP300)
Affected Versions Siemens SIPROTEC 5 6MD84 (CP300) 0
Siemens SIPROTEC 5 6MD85 (CP200) 0
Siemens SIPROTEC 5 6MD85 (CP300) 0
Siemens SIPROTEC 5 6MD86 (CP200) 0
Siemens SIPROTEC 5 6MD86 (CP300) 0
Siemens SIPROTEC 5 6MD89 (CP300) 0
Siemens SIPROTEC 5 6MU85 (CP300) 0
Siemens SIPROTEC 5 7KE85 (CP200) 0
Siemens SIPROTEC 5 7KE85 (CP300) 0
Siemens SIPROTEC 5 7SA82 (CP100) 0
Siemens SIPROTEC 5 7SA82 (CP150) 0
Siemens SIPROTEC 5 7SA86 (CP200) 0
Siemens SIPROTEC 5 7SA86 (CP300) 0
Siemens SIPROTEC 5 7SA87 (CP200) 0
Siemens SIPROTEC 5 7SA87 (CP300) 0
Siemens SIPROTEC 5 7SD82 (CP100) 0
Siemens SIPROTEC 5 7SD82 (CP150) 0
Siemens SIPROTEC 5 7SD86 (CP200) 0
Siemens SIPROTEC 5 7SD86 (CP300) 0
Siemens SIPROTEC 5 7SD87 (CP200) 0
Siemens SIPROTEC 5 7SD87 (CP300) 0
Siemens SIPROTEC 5 7SJ81 (CP100) 0
Siemens SIPROTEC 5 7SJ81 (CP150) 0
Siemens SIPROTEC 5 7SJ82 (CP100) 0
Siemens SIPROTEC 5 7SJ82 (CP150) 0
Siemens SIPROTEC 5 7SJ85 (CP200) 0
Siemens SIPROTEC 5 7SJ85 (CP300) 0
Siemens SIPROTEC 5 7SJ86 (CP200) 0
Siemens SIPROTEC 5 7SJ86 (CP300) 0
Siemens SIPROTEC 5 7SK82 (CP100) 0
Siemens SIPROTEC 5 7SK82 (CP150) 0
Siemens SIPROTEC 5 7SK85 (CP200) 0
Siemens SIPROTEC 5 7SK85 (CP300) 0
Siemens SIPROTEC 5 7SL82 (CP100) 0
Siemens SIPROTEC 5 7SL82 (CP150) 0
Siemens SIPROTEC 5 7SL86 (CP200) 0
Siemens SIPROTEC 5 7SL86 (CP300) 0
Siemens SIPROTEC 5 7SL87 (CP200) 0
Siemens SIPROTEC 5 7SL87 (CP300) 0
Siemens SIPROTEC 5 7SS85 (CP200) 0
Siemens SIPROTEC 5 7SS85 (CP300) 0
Siemens SIPROTEC 5 7ST85 (CP200) 0
Siemens SIPROTEC 5 7ST85 (CP300) 0
Siemens SIPROTEC 5 7ST86 (CP300) 0
Siemens SIPROTEC 5 7SX82 (CP150) 0
Siemens SIPROTEC 5 7SX85 (CP300) 0
Siemens SIPROTEC 5 7SY82 (CP150) 0
Siemens SIPROTEC 5 7UM85 (CP300) 0
Siemens SIPROTEC 5 7UT82 (CP100) 0
Siemens SIPROTEC 5 7UT82 (CP150) 0
Siemens SIPROTEC 5 7UT85 (CP200) 0
Siemens SIPROTEC 5 7UT85 (CP300) 0
Siemens SIPROTEC 5 7UT86 (CP200) 0
Siemens SIPROTEC 5 7UT86 (CP300) 0
Siemens SIPROTEC 5 7UT87 (CP200) 0
Siemens SIPROTEC 5 7UT87 (CP300) 0
Siemens SIPROTEC 5 7VE85 (CP300) 0
Siemens SIPROTEC 5 7VK87 (CP200) 0
Siemens SIPROTEC 5 7VK87 (CP300) 0
Siemens SIPROTEC 5 7VU85 (CP300) 0
Siemens SIPROTEC 5 Compact 7SX800 (CP050) 0

CWE Classification

CWE-434

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.