You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2025-40797
About this tag
The CVE-2025-40797 tag on WindowsForum.com covers a critical remote code execution vulnerability in Siemens User Management Component (UMC). Discussions highlight a stack-based buffer overflow scored as critical by Siemens, along with three out-of-bounds read issues causing denial-of-service. The advisory (SSA-722410) urges updating UMC to V2.15.1.3. Some Siemens product lines embedding UMC lack planned fixes, requiring immediate inventory and network hardening. This tag is relevant for industrial control system administrators and IT security professionals managing Siemens infrastructure.
Siemens has published a high‑severity ProductCERT advisory (SSA‑722410) describing multiple remotely exploitable vulnerabilities in its User Management Component (UMC), including a stack‑based buffer overflow that Siemens scores as critical and three separate out‑of‑bounds read issues that can...
2.15.1.3
buffer overflow
cisa
cve-2025-40795
cve-2025-40796
cve-2025-40797
cve-2025-40798
dos
ics security
industrial control systems
ot security
patch management
productcert
remote code execution
siemens
siemens vulnerabilities
umc
umc v2.15.1.3
windows server