cve-2025-40797

About this tag
The CVE-2025-40797 tag on WindowsForum.com covers a critical remote code execution vulnerability in Siemens User Management Component (UMC). Discussions highlight a stack-based buffer overflow scored as critical by Siemens, along with three out-of-bounds read issues causing denial-of-service. The advisory (SSA-722410) urges updating UMC to V2.15.1.3. Some Siemens product lines embedding UMC lack planned fixes, requiring immediate inventory and network hardening. This tag is relevant for industrial control system administrators and IT security professionals managing Siemens infrastructure.
  1. Siemens UMC Vulnerabilities: Critical RCE and DoS; Patch to 2.15.1.3 Now

    Siemens has published a high‑severity ProductCERT advisory (SSA‑722410) describing multiple remotely exploitable vulnerabilities in its User Management Component (UMC), including a stack‑based buffer overflow that Siemens scores as critical and three separate out‑of‑bounds read issues that can...