VDB
CVE-2025-40757
CVE-2025-40757
PUBLISHED
CVSS 5.300000190734863 MEDIUM
A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC Series (P2 Ethernet) (All versions), TALON TC Series (BACnet) (All versions). Affected devices connected to the network allow unrestricted access to sensitive files, such as databases. This could allow an attacker to download encrypted .db file containing passwords.
EPSS 0.07% · 20.7th percentile
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.07%
20.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | APOGEE PXC Series (P2 Ethernet) | 0 |
| Siemens | APOGEE PXC Series (BACnet) | 0 |
| Siemens | TALON TC Series (BACnet) | 0 |
Exploit Intelligence
- CIRCL seen: CVE-2025-40757 (circl-sighting)
- https://cert-portal.siemens.com/productcert/html/ssa-916339.html (circl)
- vulns.js (github-poc)
- vulns.js (github-poc)
- vulns.js (github-poc)
- vulns.js (github-poc)
- vulns.js (github-poc)
- vulns.js (github-poc)
Timeline
- Sep 9, 2025 EPSS Score
- Sep 9, 2025 Coalition ESS Score
- Sep 9, 2025 CVE Published
- Sep 9, 2025 CVE Updated
- Sep 11, 2025 PoC Published
- Sep 16, 2025 EPSS Score
- Sep 24, 2025 EPSS Score
- Oct 1, 2025 EPSS Score
- Oct 3, 2025 Coalition ESS Score
- Oct 6, 2025 Coalition ESS Score
- Oct 8, 2025 EPSS Score
- Oct 10, 2025 Coalition ESS Score