CNNVD-202512-1525 Information

Dec 09, 2025 cve

CNNVD ID

CNNVD-202512-1525

CVE-2025-40807

CNNVD Published: 2025-12-09

Description (Chinese)

Siemens Gridscale X Prepay是德国Siemens公司的一款能源预付费和客户管理系统。 Siemens Gridscale X Prepay V4.2.1之前版本存在安全漏洞，该漏洞源于认证令牌重放，可能导致会话劫持。

Description (English)

Siemens Gridscale X Prepay is an energy prepaid and customer management system of Siemens, Germany. There was a security loophole in the pre-version of Siemens Gridscale X Prepay V4.2.1, which resulted from the re-alignment of the authentication badge, which could lead to the hijacking of a session.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

西门子

Published

2025-12-09

Last Modified

2026-02-24

References

https://cert-portal.siemens.com/productcert/html/ssa-356310.html

Patch

https://cert-portal.siemens.com/productcert/html/ssa-356310.html

Share on: