Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-40831

A vulnerability has been identified in SINEC Security Monitor (All versions < V4.10.0). The affected application lacks input validation of date parameter in report generation functionality. This could allow an authenticated, lowly privileged attacker to cause denial of service condition of the report functionality.

Published

2025-12-09T16:17:46.893

Last Modified

2025-12-10T21:38:30.183

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Primary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	siemens	sinec_security_monitor	< 4.10.0	Yes

References

https://cert-portal.siemens.com/productcert/html/ssa-882673.html Vendor Advisory ([email protected])