CNNVD-202512-1518 Information

CNNVD ID

CNNVD-202512-1518

Related CVE

CVE-2025-40937

• CNNVD Published: 2025-12-09

Description (Chinese)

Siemens SIMATIC CN 4100是德国西门子（Siemens）公司的一个通信节点。 Siemens SIMATIC CN 4100 V4.0.1之前版本存在命令注入漏洞，该漏洞源于REST API输入参数验证不足，可能导致执行任意代码。

Description (English)

Siemens SIMATIC CN 4100 is a communication node of Siemens, Germany. A pre-version of Siemens SIMATIC CN 4100 V4.0.1 had a command-injecting loophole, which stemmed from inadequate verification of RET API input parameters and could lead to the implementation of any code.

Hazard Level

Medium

Vulnerability Type

命令注入

Affected Vendor

西门子

Published

2025-12-09

Last Modified

2026-02-24

References

https://cert-portal.siemens.com/productcert/html/ssa-416652.html

Patch

https://support.industry.siemens.com/cs/document/109814144/communication-node-simatic-cn-4100-v4-0-1?lc=en-ww