CVE-2025-40767 — Vulnetix

CVE-2025-40767 PUBLISHED CVSS 7.800000190734863 HIGH

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate security controls to enforce isolation. This could allow an attacker to gain elevated access, potentially accessing sensitive host system resources.

EPSS 0.02% · 6.5th percentile

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS Score

0.02%

6.5th percentile

Affected Products

Vendor	Product	Versions
siemens	sinec_traffic_analyzer	0
Siemens	SINEC Traffic Analyzer	0

Timeline

Aug 12, 2025 EPSS Score
Aug 12, 2025 Coalition ESS Score
Aug 12, 2025 CVE Published
Aug 12, 2025 PoC Published
Aug 14, 2025 PoC Published
Aug 15, 2025 Coalition ESS Score
Aug 15, 2025 CVE Updated
Aug 20, 2025 EPSS Score
Aug 22, 2025 Coalition ESS Score
Aug 26, 2025 Coalition ESS Score
Aug 29, 2025 EPSS Score
Sep 6, 2025 EPSS Score

References

https://cert-portal.siemens.com/productcert/html/ssa-517338.html url
https://nvd.nist.gov/vuln/detail/CVE-2025-40767 advisory

Open in Interactive Console →