You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2025-40594
About this tag
CVE-2025-40594 is a privilege escalation vulnerability affecting Siemens SINAMICS drive systems, as detailed in Siemens security advisory SSA-027652. The flaw allows an attacker to perform a factory reset and manipulate configuration settings without the required privileges. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) republished the advisory as ICSA-25-254-03 on September 11, 2025, to alert operators and highlight vendor remediation status. Discussions on WindowsForum.com cover the technical details, impact on industrial control systems, and recommended mitigation steps for administrators managing SINAMICS devices.
Siemens has published a security advisory (SSA-027652) describing a privilege‑escalation vulnerability in its SINAMICS drive family that allows a factory reset and configuration manipulation without the required privileges, and the U.S. Cybersecurity and Infrastructure Security Agency (CISA)...