{"vulnerability": "CVE-2025-4057", "sightings": [{"uuid": "b5ad572c-3755-4f4b-b25a-efbef80dd054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40577", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp2cmzo5rjk2", "content": "", "creation_timestamp": "2025-05-13T10:48:12.124218Z"}, {"uuid": "2eed7449-08eb-4e80-93d4-8213952393e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4057", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lqnfni2co22w", "content": "", "creation_timestamp": "2025-06-02T18:26:30.702913Z"}, {"uuid": "411a617c-dd43-4534-a7b9-e84517a62b10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40578", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp2cmziil642", "content": "", "creation_timestamp": "2025-05-13T10:48:13.805096Z"}, {"uuid": "5d5876eb-e3f4-4049-a78d-a326a85f9b30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40576", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp2cn2g6qm42", "content": "", "creation_timestamp": "2025-05-13T10:48:14.353474Z"}, {"uuid": "5c63dced-f2ba-4b7a-ac5b-ef40f38e93fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40575", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp2cn4amk542", "content": "", "creation_timestamp": "2025-05-13T10:48:35.394487Z"}, {"uuid": "d803177a-09e9-45ec-9223-ea56e651761d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40579", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp2cn4u6yr42", "content": "", "creation_timestamp": "2025-05-13T10:48:35.967861Z"}, {"uuid": "02e65ef9-0ec2-4b9b-91f8-7161b26fd123", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40573", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp2cxhnnuy2w", "content": "", "creation_timestamp": "2025-05-13T10:52:34.886338Z"}, {"uuid": "da1dca7b-aa67-44ba-9427-80118d92c92f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40574", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp2cxhr5x52t", "content": "", "creation_timestamp": "2025-05-13T10:52:35.464887Z"}, {"uuid": "cede7721-d796-4462-884d-6d368bd45577", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40571", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp2cxhz3342e", "content": "", "creation_timestamp": "2025-05-13T10:52:36.646801Z"}, {"uuid": "92530f25-10a1-4a3b-b18c-b7d801bd6800", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40572", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp2cxi7tx42o", "content": "", "creation_timestamp": "2025-05-13T10:52:37.849862Z"}, {"uuid": "b17d0066-e9a1-4062-80bb-7c3bad7b255e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40577", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp2cxidbkx2r", "content": "", "creation_timestamp": "2025-05-13T10:52:38.450082Z"}, {"uuid": "c016ae27-7f61-4819-b373-1f85d2ec79d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40576", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp2cxikkpu2o", "content": "", "creation_timestamp": "2025-05-13T10:52:39.613185Z"}, {"uuid": "0c9c1a2f-5c43-4ed2-887c-76b492e4d506", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40578", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp2cxiv5th2r", "content": "", "creation_timestamp": "2025-05-13T10:52:41.358010Z"}, {"uuid": "e23690c0-4d42-4528-9528-290416dfa3e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40575", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp2cxj47vm2h", "content": "", "creation_timestamp": "2025-05-13T10:52:42.478499Z"}, {"uuid": "935d7eb2-7806-494c-9868-3e901618c5a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40579", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp2cxjmzb42o", "content": "", "creation_timestamp": "2025-05-13T10:52:45.375193Z"}, {"uuid": "95c10215-377b-4afb-bc65-494619652d4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40577", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16098", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40577\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets.\nAn unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.\n\ud83d\udccf Published: 2025-05-13T09:39:02.819Z\n\ud83d\udccf Modified: 2025-05-13T09:39:02.819Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/html/ssa-327438.html", "creation_timestamp": "2025-05-13T10:30:21.000000Z"}, {"uuid": "2014643c-556a-40e2-9c05-240d741b7005", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4057", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lq3crt2uyd22", "content": "", "creation_timestamp": "2025-05-26T13:47:16.550601Z"}, {"uuid": "46deb888-1a72-4faa-858f-f43c60cf4016", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40572", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-135-18", "content": "", "creation_timestamp": "2025-05-15T10:00:00.000000Z"}, {"uuid": "4661a62e-69c0-480b-bb0e-defa5e84a57b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40573", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-135-18", "content": "", "creation_timestamp": "2025-05-15T10:00:00.000000Z"}, {"uuid": "854f269b-b540-412e-8510-ab8933299ae5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40574", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-135-18", "content": "", "creation_timestamp": "2025-05-15T10:00:00.000000Z"}, {"uuid": "c7610a80-71b7-4b9e-b09c-34957db0338e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40575", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-135-18", "content": "", "creation_timestamp": "2025-05-15T10:00:00.000000Z"}, {"uuid": "68ac74c5-3cb0-45b6-a811-4d4f6bfcadc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40576", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-135-18", "content": "", "creation_timestamp": "2025-05-15T10:00:00.000000Z"}, {"uuid": "86ba78d8-5cce-45cb-a14a-3ec9e85f60e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40577", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-135-18", "content": "", "creation_timestamp": "2025-05-15T10:00:00.000000Z"}, {"uuid": "510710de-675e-48d6-8e89-7df04e815c22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40578", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-135-18", "content": "", "creation_timestamp": "2025-05-15T10:00:00.000000Z"}, {"uuid": "5c19bcc8-bbca-4031-be35-bc2e4db0fea4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40579", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-135-18", "content": "", "creation_timestamp": "2025-05-15T10:00:00.000000Z"}, {"uuid": "965b69d3-9f19-466b-b0ad-900f1cdbf8ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40571", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-135-15", "content": "", "creation_timestamp": "2025-05-15T10:00:00.000000Z"}, {"uuid": "02c0fa0f-f8b6-47b2-a981-d3f0761c481a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40570", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-10", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "4874da0c-db99-4dcc-bc73-583777456978", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40578", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16097", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40578\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly handle multiple incoming Profinet packets received in rapid succession.\nAn unauthenticated remote attacker can exploit this flaw by sending multiple packets in a very short time frame, which leads to a crash of the dcpd process.\n\ud83d\udccf Published: 2025-05-13T09:39:04.250Z\n\ud83d\udccf Modified: 2025-05-13T09:39:04.250Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/html/ssa-327438.html", "creation_timestamp": "2025-05-13T10:30:20.000000Z"}, {"uuid": "bbe0133f-0c7b-402c-b27f-e9ed011ed15b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40579", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16096", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40579\n\ud83d\udd25 CVSS Score: 6.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices are vulnerable to a stack-based buffer overflow.\nThis could allow a non-privileged local attacker to execute arbitrary code on the device or to cause a denial of service condition.\n\ud83d\udccf Published: 2025-05-13T09:39:05.634Z\n\ud83d\udccf Modified: 2025-05-13T09:39:05.634Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/html/ssa-327438.html", "creation_timestamp": "2025-05-13T10:30:20.000000Z"}, {"uuid": "8d1eb3b4-c3e0-4ae0-a432-45f90a49aa1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40571", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16104", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40571\n\ud83d\udd25 CVSS Score: 2.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: A vulnerability has been identified in Mendix OIDC SSO (Mendix 10 compatible) (All versions < V4.0.0), Mendix OIDC SSO (Mendix 9 compatible) (All versions). The Mendix OIDC SSO module grants read and write access to all tokens exclusively to the Administrator role and could result in privilege misuse by an adversary modifying the module during Mendix development.\n\ud83d\udccf Published: 2025-05-13T09:38:54.270Z\n\ud83d\udccf Modified: 2025-05-13T09:38:54.270Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/html/ssa-726617.html", "creation_timestamp": "2025-05-13T10:30:31.000000Z"}, {"uuid": "f7a00da1-8f4d-4142-be15-c52a3f0a70b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40572", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16103", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40572\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly assign permissions to critical ressources.\nThis could allow a non-privileged local attacker to access sensitive information stored on the device.\n\ud83d\udccf Published: 2025-05-13T09:38:55.568Z\n\ud83d\udccf Modified: 2025-05-13T09:38:55.568Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/html/ssa-327438.html", "creation_timestamp": "2025-05-13T10:30:30.000000Z"}, {"uuid": "9496029e-2268-4c84-80b7-d1f9a75372ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40576", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16099", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40576\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets.\nAn unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.\n\ud83d\udccf Published: 2025-05-13T09:39:00.716Z\n\ud83d\udccf Modified: 2025-05-13T09:39:00.716Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/html/ssa-327438.html", "creation_timestamp": "2025-05-13T10:30:22.000000Z"}, {"uuid": "0320607d-c290-4cd7-8f04-ac1cc0d4b9ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40573", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16102", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40573\n\ud83d\udd25 CVSS Score: 4.4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N)\n\ud83d\udd39 Description: A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices are vulnerable to path traversal attacks.\nThis could allow a privileged local attacker to restore backups that are outside the backup folder.\n\ud83d\udccf Published: 2025-05-13T09:38:56.842Z\n\ud83d\udccf Modified: 2025-05-13T09:38:56.842Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/html/ssa-327438.html", "creation_timestamp": "2025-05-13T10:30:29.000000Z"}, {"uuid": "128468c7-bd08-4970-9453-a6507594b2a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40574", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16101", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40574\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly assign permissions to critical ressources.\nThis could allow a non-privileged local attacker to interact with the backupmanager service.\n\ud83d\udccf Published: 2025-05-13T09:38:58.108Z\n\ud83d\udccf Modified: 2025-05-13T09:38:58.108Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/html/ssa-327438.html", "creation_timestamp": "2025-05-13T10:30:28.000000Z"}, {"uuid": "ae4e59e7-193e-4174-8cb9-4628f4e207a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40575", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16100", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40575\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets.\nAn unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd\nprocess.\n\ud83d\udccf Published: 2025-05-13T09:38:59.396Z\n\ud83d\udccf Modified: 2025-05-13T09:38:59.396Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/html/ssa-327438.html", "creation_timestamp": "2025-05-13T10:30:23.000000Z"}, {"uuid": "98496b67-0e12-454f-902b-13cd2f067bc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40577", "type": "seen", "source": "https://t.me/cvedetector/25184", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-40577 - \"SCALANCE LPE9403 Profinet Packet Validation Remote Code Execution Denial of Service\"\", \n  \"Content\": \"CVE ID : CVE-2025-40577 \nPublished : May 13, 2025, 10:15 a.m. | 51\u00a0minutes ago \nDescription : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets.  \nAn unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T13:52:18.000000Z"}, {"uuid": "07594f01-9539-4135-8533-2b9b6b7830be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4057", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17543", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4057\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies.\n\ud83d\udccf Published: 2025-05-26T08:53:04.340Z\n\ud83d\udccf Modified: 2025-05-26T08:53:04.340Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2025-4057\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2362827", "creation_timestamp": "2025-05-26T09:49:11.000000Z"}, {"uuid": "b3da92d2-a5a7-4130-91f0-cc12df9c190c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40571", "type": "seen", "source": "https://t.me/cvedetector/25189", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-40571 - Mendix OIDC SSO Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2025-40571 \nPublished : May 13, 2025, 10:15 a.m. | 51\u00a0minutes ago \nDescription : A vulnerability has been identified in Mendix OIDC SSO (Mendix 10 compatible) (All versions < V4.0.0), Mendix OIDC SSO (Mendix 9 compatible) (All versions). The Mendix OIDC SSO module grants read and write access to all tokens exclusively to the Administrator role and could result in privilege misuse by an adversary modifying the module during Mendix development. \nSeverity: 2.2 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T13:52:25.000000Z"}, {"uuid": "1cb72854-5056-4102-9192-eacb8826f4dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40575", "type": "seen", "source": "https://t.me/cvedetector/25187", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-40575 - SCALANCE LPE9403 Remote Denial of Service (DoS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-40575 \nPublished : May 13, 2025, 10:15 a.m. | 51\u00a0minutes ago \nDescription : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets.  \nAn unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd  \nprocess. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T13:52:24.000000Z"}, {"uuid": "9bb0ee06-1b68-4c26-9150-126b3d5a6a55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40579", "type": "seen", "source": "https://t.me/cvedetector/25186", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-40579 - Siemens SCALANCE LPE9403 Stack-Based Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-40579 \nPublished : May 13, 2025, 10:15 a.m. | 51\u00a0minutes ago \nDescription : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices are vulnerable to a stack-based buffer overflow.  \nThis could allow a non-privileged local attacker to execute arbitrary code on the device or to cause a denial of service condition. \nSeverity: 6.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T13:52:23.000000Z"}, {"uuid": "b128fdf1-4d7e-42c6-9339-4d7fda5e1750", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40578", "type": "seen", "source": "https://t.me/cvedetector/25185", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-40578 - \"SCALANCE LPE9403 Profinet Packet Flood Crash Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-40578 \nPublished : May 13, 2025, 10:15 a.m. | 51\u00a0minutes ago \nDescription : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly handle multiple incoming Profinet packets received in rapid succession.  \nAn unauthenticated remote attacker can exploit this flaw by sending multiple packets in a very short time frame, which leads to a crash of the dcpd process. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T13:52:22.000000Z"}, {"uuid": "59d760aa-5d3a-4ad4-8589-8f16cbbea30b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40574", "type": "seen", "source": "https://t.me/cvedetector/25192", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-40574 - \"Siemens SCALANCE LPE9403 Privilege Escalation\"\", \n  \"Content\": \"CVE ID : CVE-2025-40574 \nPublished : May 13, 2025, 10:15 a.m. | 51\u00a0minutes ago \nDescription : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly assign permissions to critical ressources.  \nThis could allow a non-privileged local attacker to interact with the backupmanager service. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T13:52:31.000000Z"}, {"uuid": "2502df5b-8ec8-46d7-a03c-6e46be690a4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40573", "type": "seen", "source": "https://t.me/cvedetector/25191", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-40573 - SCALANCE LPE9403 Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-40573 \nPublished : May 13, 2025, 10:15 a.m. | 51\u00a0minutes ago \nDescription : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices are vulnerable to path traversal attacks.  \nThis could allow a privileged local attacker to restore backups that are outside the backup folder. \nSeverity: 4.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T13:52:30.000000Z"}, {"uuid": "8b544bd0-9a33-4717-8d4d-c317b2f924a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40572", "type": "seen", "source": "https://t.me/cvedetector/25190", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-40572 - Siemens SCALANCE LPE9403 Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2025-40572 \nPublished : May 13, 2025, 10:15 a.m. | 51\u00a0minutes ago \nDescription : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly assign permissions to critical ressources.  \nThis could allow a non-privileged local attacker to access sensitive information stored on the device. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T13:52:29.000000Z"}, {"uuid": "76f22de5-d44a-465b-a369-577bf304bccb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-40576", "type": "seen", "source": "https://t.me/cvedetector/25183", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-40576 - \"SCALANCE LPE9403 Profinet Packet Validation Remote Crash Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-40576 \nPublished : May 13, 2025, 10:15 a.m. | 51\u00a0minutes ago \nDescription : A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets.  \nAn unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T13:52:18.000000Z"}]}