You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2025-40796
About this tag
Discussions tagged with cve-2025-40796 focus on a high-severity vulnerability in Siemens' User Management Component (UMC), as detailed in ProductCERT advisory SSA-722410. The flaw involves a stack-based buffer overflow rated critical, along with three out-of-bounds read issues enabling denial-of-service. Siemens recommends updating UMC to version 2.15.1.3, but notes that fixes are not planned for some product lines, requiring immediate inventory and network hardening. The tag covers related Siemens UMC vulnerabilities, patch guidance, and compensating controls for affected systems.
Siemens has published a high‑severity ProductCERT advisory (SSA‑722410) describing multiple remotely exploitable vulnerabilities in its User Management Component (UMC), including a stack‑based buffer overflow that Siemens scores as critical and three separate out‑of‑bounds read issues that can...
2.15.1.3
buffer overflow
cisa
cve-2025-40795
cve-2025-40796
cve-2025-40797
cve-2025-40798
dos
ics security
industrial control systems
ot security
patch management
productcert
remote code execution
siemens
siemens vulnerabilities
umc
umc v2.15.1.3
windows server