Siemens Vulnerabilities
Comprehensive security vulnerability database for Siemens products
3
2
2
0
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2025-40594 | 6.9 | An attacker can gain unauthorized access to sensitive settings on certain Siemens SINAMICS devices by performing a factory reset without proper permissions, potentially allowing them to manipulate configuration data. This vulnerability affects specific firmware versions and can be exploited if the attacker has previously accessed the device, as it involves leftover privileges from earlier sessions. | siemenssinamics g220 firmware | Theoretical | 7 months agoSep 9, 2025 |
| CVE-2024-47565 | 5.3 | An attacker with valid login credentials can exploit a flaw in the SINEC Security Monitor to alter its configuration settings, potentially leading to unauthorized changes in the system's security. This vulnerability affects all versions prior to 4.9.0 and arises from the application not properly checking user input against a list of acceptable values. | siemenssinec security monitor | Exploit Available | over 1 year agoOct 8, 2024 |
| CVE-2024-47563 | 6.9 | An attacker can create files in unintended locations on the system, potentially altering or corrupting important files, if they can access the SINEC Security Monitor application version before 4.9.0. This vulnerability does not require authentication, meaning anyone can exploit it if they know how to send the right request to the application. | siemenssinec security monitor | Theoretical | over 1 year agoOct 8, 2024 |
About Siemens Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Siemens products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.