VDB

CVE-2025-40585

CVE-2025-40585 PUBLISHED CVSS 9.899999618530273 CRITICAL

A vulnerability has been identified in Energy Services (All versions with G5DFR). Affected solutions using G5DFR contain default credentials. This could allow an attacker to gain control of G5DFR component and tamper with outputs from the device.

EPSS 0.28% · 52.0th percentile

Risk Scores

CVSS 3.1
9.899999618530273
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L
EPSS Score
0.28%
52.0th percentile

Affected Products

VendorProductVersions
SiemensEnergy Services0

Timeline

  • Jun 10, 2025 Coalition ESS Score
  • Jun 10, 2025 CVE Published
  • Jun 10, 2025 PoC Published
  • Jun 10, 2025 PoC Published
  • Jun 10, 2025 PoC Published
  • Jun 11, 2025 EPSS Score
  • Jun 12, 2025 Coalition ESS Score
  • Jun 12, 2025 PoC Published
  • Jun 21, 2025 EPSS Score
  • Jul 2, 2025 EPSS Score
  • Jul 12, 2025 EPSS Score
  • Jul 23, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›