CVE-2025-31929
A vulnerability has been identified in IEC 1Ph 7.4kW Child socket (8EM1310-2EH04-0GA0) (All versions), IEC 1Ph 7.4kW Child socket/ shutter (8EM1310-2EN04-0GA0) (All versions), IEC 1Ph 7.4kW Parent cable 7m (8EM1310-2EJ04-3GA1) (All versions), IEC 1Ph 7.4kW Parent cable 7m incl. SIM (8EM1310-2EJ04-3GA2) (All versions), IEC 1Ph 7.4kW Parent socket (8EM1310-2EH04-3GA1) (All versions), IEC 1Ph 7.4kW Parent socket incl. SIM (8EM1310-2EH04-3GA2) (All versions), IEC 1Ph 7.4kW Parent socket/ shutter (8EM1310-2EN04-3GA1) (All versions), IEC 1Ph 7.4kW Parent socket/ shutter SIM (8EM1310-2EN04-3GA2) (All versions), IEC 3Ph 22kW Child cable 7m (8EM1310-3EJ04-0GA0) (All versions), IEC 3Ph 22kW Child socket (8EM1310-3EH04-0GA0) (All versions), IEC 3Ph 22kW Child socket/ shutter (8EM1310-3EN04-0GA0) (All versions), IEC 3Ph 22kW Parent cable 7m (8EM1310-3EJ04-3GA1) (All versions), IEC 3Ph 22kW Parent cable 7m incl. SIM (8EM1310-3EJ04-3GA2) (All versions), IEC 3Ph 22kW Parent socket (8EM1310-3EH04-3GA1) (All versions), IEC 3Ph 22kW Parent socket incl. SIM (8EM1310-3EH04-3GA2) (All versions), IEC 3Ph 22kW Parent socket/ shutter (8EM1310-3EN04-3GA1) (All versions), IEC 3Ph 22kW Parent socket/ shutter SIM (8EM1310-3EN04-3GA2) (All versions), IEC ERK 3Ph 22 kW Child cable 7m (8EM1310-3FJ04-0GA0) (All versions), IEC ERK 3Ph 22 kW Child cable 7m (8EM1310-3FJ04-0GA1) (All versions), IEC ERK 3Ph 22 kW Child cable 7m (8EM1310-3FJ04-0GA2) (All versions), IEC ERK 3Ph 22 kW Child socket (8EM1310-3FH04-0GA0) (All versions), IEC ERK 3Ph 22 kW Parent socket (8EM1310-3FH04-3GA1) (All versions), IEC ERK 3Ph 22 kW Parent socket incl. SI (8EM1310-3FH04-3GA2) (All versions), UL Commercial Cellular 48A NTEP (8EM1310-5HF14-1GA2) (All versions), UL Commercial Child 40A w/ 15118 HW (8EM1310-4CF14-0GA0) (All versions), UL Commercial Child 48A BA Compliant (8EM1315-5CG14-0GA0) (All versions), UL Commercial Child 48A w/ 15118 HW (8EM1310-5CF14-0GA0) (All versions), UL Commercial Parent 40A with Simcard (8EM1310-4CF14-1GA2) (All versions), UL Commercial Parent 48A (USPS) (8EM1317-5CG14-1GA2) (All versions), UL Commercial Parent 48A BA Compliant (8EM1315-5CG14-1GA2) (All versions), UL Commercial Parent 48A with Simcard BA (8EM1310-5CF14-1GA2) (All versions), UL Commercial Parent 48A, 15118, 25ft (8EM1310-5CG14-1GA1) (All versions), UL Commercial Parent 48A, 15118, 25ft (8EM1314-5CG14-2FA2) (All versions), UL Commercial Parent 48A, 15118, 25ft (8EM1315-5HG14-1GA2) (All versions), UL Commercial Parent 48A,15118 25ft Sim (8EM1310-5CG14-1GA2) (All versions), UL Resi High End 40A w/15118 Hw (8EM1312-4CF18-0FA3) (All versions), UL Resi High End 48A w/15118 Hw (8EM1312-5CF18-0FA3) (All versions), VersiCharge Blue™ 80A AC Cellular (8EM1315-7BG16-1FH2) (All versions). Affected devices do not contain an Immutable Root of Trust in M0 Hardware. An attacker with physical access to the device could use this to execute arbitrary code.
EPSS 0.08% · 23.3th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | IEC 1Ph 7.4kW Parent cable 7m incl. SIM | 0 |
| Siemens | UL Commercial Cellular 48A NTEP | 0 |
| Siemens | UL Commercial Child 48A BA Compliant | 0 |
| Siemens | IEC 3Ph 22kW Child socket | 0 |
| Siemens | IEC 3Ph 22kW Parent socket incl. SIM | 0 |
| Siemens | IEC ERK 3Ph 22 kW Parent socket | 0 |
| Siemens | UL Commercial Parent 40A with Simcard | 0 |
| Siemens | IEC 3Ph 22kW Child socket/ shutter | 0 |
| Siemens | IEC 3Ph 22kW Parent socket | 0 |
| Siemens | IEC 1Ph 7.4kW Parent socket/ shutter | 0 |
| Siemens | IEC ERK 3Ph 22 kW Child socket | 0 |
| Siemens | IEC 3Ph 22kW Parent cable 7m incl. SIM | 0 |
| Siemens | UL Commercial Child 40A w/ 15118 HW | 0 |
| Siemens | UL Resi High End 48A w/15118 Hw | 0 |
| Siemens | IEC 1Ph 7.4kW Child socket/ shutter | 0 |
| Siemens | IEC 3Ph 22kW Child cable 7m | 0 |
| Siemens | IEC 1Ph 7.4kW Parent cable 7m | 0 |
| Siemens | UL Commercial Parent 48A with Simcard BA | 0 |
| Siemens | IEC 1Ph 7.4kW Parent socket/ shutter SIM | 0 |
| Siemens | IEC 3Ph 22kW Parent socket/ shutter | 0 |
…and 14 more
Exploit Intelligence
- CIRCL seen: CVE-2025-31929 (circl-sighting)
- https://cert-portal.siemens.com/productcert/html/ssa-556937.html (circl)
Timeline
- May 13, 2025 EPSS Score
- May 13, 2025 CVE Published
- May 15, 2025 PoC Published
- May 24, 2025 EPSS Score
- Jun 5, 2025 EPSS Score
- Jun 5, 2025 Coalition ESS Score
- Jun 16, 2025 EPSS Score
- Jun 28, 2025 EPSS Score
- Jul 9, 2025 EPSS Score
- Jul 21, 2025 EPSS Score
- Aug 1, 2025 EPSS Score
- Aug 13, 2025 EPSS Score