VDB

CVE-2025-40818

CVE-2025-40818 PUBLISHED CVSS 3.299999952316284 LOW

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP4). Affected applications contain private SSL/TLS keys on the server that are not properly protected allowing any user with server access to read these keys. This could allow an authenticated attacker to impersonate the server potentially enabling man-in-the-middle, traffic decryption or unauthorized access to services that trust these certificates.

EPSS 0.01% · 2.0th percentile

Risk Scores

CVSS 3.1
3.299999952316284
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.01%
2.0th percentile

Affected Products

VendorProductVersions
siemenssinema_remote_connect_server0, 3.2, 3.2
SiemensSINEMA Remote Connect Server0

Timeline

  • Apr 16, 2025 CVE ID Reserved
  • Dec 9, 2025 EPSS Score
  • Dec 9, 2025 CVE Published
  • Dec 9, 2025 CVE Updated
  • Dec 11, 2025 PoC Published
  • Dec 13, 2025 EPSS Score
  • Dec 17, 2025 EPSS Score
  • Dec 22, 2025 EPSS Score
  • Dec 26, 2025 EPSS Score
  • Dec 30, 2025 EPSS Score
  • Jan 3, 2026 EPSS Score
  • Jan 7, 2026 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›