CVE-2025-40742

Summary

A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V11.0), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V11.0), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions < V11.0), SIPROTEC 5 6MD89 (CP300) (All versions < V11.0), SIPROTEC 5 6MD89 (CP300) V9.6x (All versions < V11.0), SIPROTEC 5 6MU85 (CP300) (All versions < V11.0), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions < V11.0), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions < V11.0), SIPROTEC 5 7SA84 (CP200) (All versions), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions < V11.0), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions < V11.0), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions < V11.0), SIPROTEC 5 7SD84 (CP200) (All versions), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions < V11.0), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions < V11.0), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions < V11.0), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions < V11.0), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions < V11.0), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions < V11.0), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions < V11.0), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions < V11.0), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions < V11.0), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions < V11.0), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions < V11.0), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions < V11.0), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions < V11.0), SIPROTEC 5 7ST86 (CP300) (All versions < V11.0), SIPROTEC 5 7SX82 (CP150) (All versions < V11.0), SIPROTEC 5 7SX85 (CP300) (All versions < V11.0), SIPROTEC 5 7SY82 (CP150) (All versions < V11.0), SIPROTEC 5 7UM85 (CP300) (All versions < V11.0), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions < V11.0), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions < V11.0), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions < V11.0), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions < V11.0), SIPROTEC 5 7VE85 (CP300) (All versions < V11.0), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions < V11.0), SIPROTEC 5 7VU85 (CP300) (All versions < V11.0), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V11.0). The affected devices include session identifiers in URL requests for certain functionalities. This could allow an attacker to retrieve sensitive session data from browser history, logs, or other storage mechanisms, potentially leading to unauthorized access.

Affected Software

VendorProductVersion RangeStatus
SiemensSIPROTEC 5 6MD84 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 6MD85 (CP200)0 < *unaffected
SiemensSIPROTEC 5 6MD85 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 6MD86 (CP200)0 < *unaffected
SiemensSIPROTEC 5 6MD86 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 6MD89 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 6MD89 (CP300) V9.6x0 < V11.0affected
SiemensSIPROTEC 5 6MU85 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7KE85 (CP200)0 < *unaffected
SiemensSIPROTEC 5 7KE85 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7SA82 (CP100)0 < *affected
SiemensSIPROTEC 5 7SA82 (CP150)0 < V11.0affected
SiemensSIPROTEC 5 7SA84 (CP200)0 < *unaffected
SiemensSIPROTEC 5 7SA86 (CP200)0 < *unaffected
SiemensSIPROTEC 5 7SA86 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7SA87 (CP200)0 < *unaffected
SiemensSIPROTEC 5 7SA87 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7SD82 (CP100)0 < *affected
SiemensSIPROTEC 5 7SD82 (CP150)0 < V11.0affected
SiemensSIPROTEC 5 7SD84 (CP200)0 < *unaffected
SiemensSIPROTEC 5 7SD86 (CP200)0 < *unaffected
SiemensSIPROTEC 5 7SD86 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7SD87 (CP200)0 < *unaffected
SiemensSIPROTEC 5 7SD87 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7SJ81 (CP100)0 < *affected
SiemensSIPROTEC 5 7SJ81 (CP150)0 < V11.0affected
SiemensSIPROTEC 5 7SJ82 (CP100)0 < *affected
SiemensSIPROTEC 5 7SJ82 (CP150)0 < V11.0affected
SiemensSIPROTEC 5 7SJ85 (CP200)0 < *unaffected
SiemensSIPROTEC 5 7SJ85 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7SJ86 (CP200)0 < *unaffected
SiemensSIPROTEC 5 7SJ86 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7SK82 (CP100)0 < *affected
SiemensSIPROTEC 5 7SK82 (CP150)0 < V11.0affected
SiemensSIPROTEC 5 7SK85 (CP200)0 < *unaffected
SiemensSIPROTEC 5 7SK85 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7SL82 (CP100)0 < *affected
SiemensSIPROTEC 5 7SL82 (CP150)0 < V11.0affected
SiemensSIPROTEC 5 7SL86 (CP200)0 < *unaffected
SiemensSIPROTEC 5 7SL86 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7SL87 (CP200)0 < *unaffected
SiemensSIPROTEC 5 7SL87 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7SS85 (CP200)0 < *unaffected
SiemensSIPROTEC 5 7SS85 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7ST85 (CP200)0 < *unaffected
SiemensSIPROTEC 5 7ST85 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7ST86 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7SX82 (CP150)0 < V11.0affected
SiemensSIPROTEC 5 7SX85 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7SY82 (CP150)0 < V11.0affected
SiemensSIPROTEC 5 7UM85 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7UT82 (CP100)0 < *affected
SiemensSIPROTEC 5 7UT82 (CP150)0 < V11.0affected
SiemensSIPROTEC 5 7UT85 (CP200)0 < *unaffected
SiemensSIPROTEC 5 7UT85 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7UT86 (CP200)0 < *unaffected
SiemensSIPROTEC 5 7UT86 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7UT87 (CP200)0 < *unaffected
SiemensSIPROTEC 5 7UT87 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7VE85 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7VK87 (CP200)0 < *unaffected
SiemensSIPROTEC 5 7VK87 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 7VU85 (CP300)0 < V11.0affected
SiemensSIPROTEC 5 Compact 7SX800 (CP050)0 < V11.0affected

Weaknesses

  • CWE-598: CWE-598: Use of GET Request Method With Sensitive Query Strings

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References