VDB
CVE-2025-40770
CVE-2025-40770
PUBLISHED
CVSS 7.400000095367432 HIGH
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). The affected application uses a monitoring interface that is not operating in a strictly passive mode. This could allow an attacker to interact with the interface, leading to man-in-the-middle attacks.
EPSS 0.02% · 4.2th percentile
Risk Scores
CVSS 3.1
7.400000095367432
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.02%
4.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| siemens | sinec_traffic_analyzer | 0 |
| Siemens | SINEC Traffic Analyzer | 0 |
Exploit Intelligence
- CIRCL seen: CVE-2025-40770 (circl-sighting)
- CIRCL seen: CVE-2025-40770 (circl-sighting)
- https://cert-portal.siemens.com/productcert/html/ssa-517338.html (circl)
Timeline
- Aug 12, 2025 EPSS Score
- Aug 12, 2025 Coalition ESS Score
- Aug 12, 2025 CVE Published
- Aug 12, 2025 PoC Published
- Aug 14, 2025 PoC Published
- Aug 20, 2025 EPSS Score
- Aug 20, 2025 Coalition ESS Score
- Aug 20, 2025 CVE Updated
- Aug 26, 2025 Coalition ESS Score
- Aug 29, 2025 EPSS Score
- Sep 6, 2025 EPSS Score
- Sep 14, 2025 EPSS Score