VDB

CVE-2025-40819

CVE-2025-40819 PUBLISHED CVSS 4.300000190734863 MEDIUM

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP4). Affected applications do not properly validate license restrictions against the database, allowing direct modification of the system_ticketinfo table to bypass license limitations without proper enforcement checks. This could allow with database access to circumvent licensing restrictions by directly modifying database values and potentially enabling unauthorized use beyond the permitted scope.

EPSS 0.04% · 11.6th percentile

Risk Scores

CVSS 3.1
4.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS Score
0.04%
11.6th percentile

Affected Products

VendorProductVersions
SiemensSINEMA Remote Connect Server0
siemenssinema_remote_connect_server3.2, 3.2, 3.2

Timeline

  • Apr 16, 2025 CVE ID Reserved
  • Dec 9, 2025 EPSS Score
  • Dec 9, 2025 CVE Published
  • Dec 9, 2025 CVE Updated
  • Dec 11, 2025 PoC Published
  • Dec 13, 2025 EPSS Score
  • Dec 17, 2025 EPSS Score
  • Dec 22, 2025 EPSS Score
  • Dec 26, 2025 EPSS Score
  • Dec 30, 2025 EPSS Score
  • Jan 3, 2026 EPSS Score
  • Jan 7, 2026 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›