How to fix CVE-2025-40594?

Within 30 days: Identify affected systems running SINAMICS G220 and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Is Sinamics G220 Firmware affected by CVE-2025-40594?

Organizations using SINAMICS G220 should be aware of notable risk from CVE-2025-40594, a improper privilege management vulnerability rated CVSS 6.9. Attackers could gain access beyond their authorized level. Organizations should apply vendor updates when available and monitor for exploitation.

CVE-2025-40594

MEDIUM

2025-09-09 [email protected]

6.9

CVSS 4.0

CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Local

Attack Complexity

High

Privileges Required

None

User Interaction

Scope

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 19:11 vuln.today

CVE Published

Sep 09, 2025 - 09:15 nvd

MEDIUM 6.9

Description

A vulnerability has been identified in SINAMICS G220 V6.4 (All versions < V6.4 HF2), SINAMICS S200 V6.4 (All versions < V6.4 HF7), SINAMICS S210 V6.4 (All versions < V6.4 HF2). The affected devices allow a factory reset to be executed without the required privileges due to improper privilege management as well as manipulation of configuration data because of leaked privileges of previous sessions. This could allow an unauthorized attacker to escalate their privileges.

Analysis

A vulnerability has been identified in SINAMICS G220 V6.4 (All versions < V6.4 HF2), SINAMICS S200 V6.4 (All versions < V6.4 HF7), SINAMICS S210 V6.4 (All versions < V6.4 HF2). Rated medium severity (CVSS 6.9), this vulnerability is no authentication required. No vendor patch available.

Technical Context

This vulnerability is classified as Improper Privilege Management (CWE-269), which allows attackers to escalate privileges to gain unauthorized elevated access. A vulnerability has been identified in SINAMICS G220 V6.4 (All versions < V6.4 HF2), SINAMICS S200 V6.4 (All versions < V6.4 HF7), SINAMICS S210 V6.4 (All versions < V6.4 HF2). The affected devices allow a factory reset to be executed without the required privileges due to improper privilege management as well as manipulation of configuration data because of leaked privileges of previous sessions. This could allow an unauthorized attacker to escalate their privileges. Affected products include: Siemens Sinamics G220 Firmware, Siemens Sinamics S200 Firmware, Siemens Sinamics S210 Firmware.

Affected Products

Siemens Sinamics G220 Firmware, Siemens Sinamics S200 Firmware, Siemens Sinamics S210 Firmware.

Remediation

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply principle of least privilege, validate privilege transitions, implement proper role separation.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +34

POC: 0

CVE-2025-40594 vulnerability details – vuln.today

Back

CVE-2025-40594

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-40594

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code