{“lastseen”:””,”description”:”A vulnerability has been identified in SIMOTION SCOUT TIA V5.4 (All versions), SIMOTION SCOUT TIA V5.5 (All versions), SIMOTION SCOUT TIA V5.6 (All versions \\u003c V5.6 SP1 HF7), SIMOTION SCOUT TIA V5.7 (All versions \\u003c V5.7 SP1 HF1), SIMOTION SCOUT V5.4 (All versions), SIMOTION SCOUT V5.5 (All versions), SIMOTION SCOUT V5.6 (All versions \\u003c V5.6 SP1 HF7), SIMOTION SCOUT V5.7 (All versions \\u003c V5.7 SP1 HF1), SINAMICS STARTER V5.5 (All versions), SINAMICS STARTER V5.6 (All versions), SINAMICS STARTER V5.7 (All versions). The affected application contains a XML External Entity Injection (XXE) vulnerability while parsing specially crafted XML files. This could allow an attacker to read arbitrary files in the system.”,”published”:”2025-08-12T11:17:02.605Z”,”modified”:”2025-08-12T11:17:02.605Z”,”type”:”cve”,”title”:”CVE-2025-40584″,”source”:”siemens”,”references”:”https:\/\/cert-portal.siemens.com\/productcert\/html\/ssa-186293.html”,”id”:”CVE-2025-40584″,”bulletinFamily”:””,”cwe”:[“CWE-611″],”cvelist”:null,”sourceData”:”Siemens SIMOTION SCOUT TIA V5.4 0\\nSiemens SIMOTION SCOUT TIA V5.5 0\\nSiemens SIMOTION SCOUT TIA V5.6 0\\nSiemens SIMOTION SCOUT TIA V5.7 0\\nSiemens SIMOTION SCOUT V5.4 0\\nSiemens SIMOTION SCOUT V5.5 0\\nSiemens SIMOTION SCOUT V5.6 0\\nSiemens SIMOTION SCOUT V5.7 0\\nSiemens SINAMICS STARTER V5.5 0\\nSiemens SINAMICS STARTER V5.6 0\\nSiemens SINAMICS STARTER V5.7 0″,”sourceHref”:””,”cvss”:{“score”:5.5,”severity”:”MEDIUM”,”vector”:”CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”SIMOTION SCOUT TIA V5.4″,”version”:”0″,”vendor”:”Siemens”,”ai_description”:”A vulnerability has been identified in SIMOTION SCOUT TIA and SINAMICS STARTER products, containing a XML External Entity Injection (XXE) vulnerability while parsing specially crafted XML files. This could allow an attacker to read arbitrary files in the system.”,”ai_severity”:”MEDIUM”,”ai_vendor”:”Siemens”,”ai_product”:”SIMOTION SCOUT TIA, SIMOTION SCOUT, SINAMICS STARTER”,”ai_version”:”V5.4, V5.5, V5.6, V5.7″,”ai_score”:5.5}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”A vulnerability has been identified in SIMOTION SCOUT TIA V5.4 (All versions), SIMOTION SCOUT TIA V5.5 (All versions), SIMOTION SCOUT TIA V5.6 (All versions \\u003c…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,70,12,21,13,7,11,5],"class_list":["post-10483","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-55","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n