Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-40946

CVSS 8.3 · High EPSS 0.02% · P4
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-40946

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in blueplanet 100 NX3 M8 (All versions), blueplanet 100 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 105 TL3 (All versions), blueplanet 105 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 110 TL3 (All versions), blueplanet 125 NX3 M11 (All versions), blueplanet 125 TL3 (All versions), blueplanet 125 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 137 TL3 (All versions), blueplanet 150 TL3 (All versions), blueplanet 150 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 155 TL3 (All versions), blueplanet 155 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 165 TL3 (All versions), blueplanet 165 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 25.0 NX3-33.0 NX3 (All versions), blueplanet 3.0 NX3-20.0 NX3 (All versions), blueplanet 3.0 TL3-60.0 TL3 (All versions), blueplanet 3.0-5.0 NX1 (All versions), blueplanet 360 NX3 M6 (All versions), blueplanet 50.0 NX3-60.0 NX3 (All versions), blueplanet 87.0 TL3 (All versions), blueplanet 87.0 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 92.0 TL3 (All versions), blueplanet 92.0 TL3 GEN2 (All versions < V6.1.4.9), blueplanet gridsafe 110 TL3-S (All versions < V3.91), blueplanet gridsafe 137 TL3-S (All versions < V3.91), blueplanet gridsafe 92.0 TL3-S (All versions < V3.91), blueplanet hybrid 10.0 TL3 (All versions), blueplanet hybrid 6.0 NH3-12.0 NH3 (All versions). A CRC16-based algorithm for generating Technical Service credentials could allow an attacker to derive the credentials from the devices serial number and misuse them to gain unauthorized access.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用硬编码的密码学密钥
Source: NVD (National Vulnerability Database)
Vulnerability Title
Siemens多款产品 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens blueplanet是德国西门子(Siemens)公司的一系列面向光伏发电与储能系统的太阳能逆变器及能源监控产品。 Siemens多款产品存在安全漏洞,该漏洞源于基于CRC16的算法生成技术服务凭证,可能导致攻击者从设备序列号推导出凭证并滥用获取未授权访问。以下产品及版本受到影响:blueplanet 100 NX3 M8所有版本、blueplanet 100 TL3 GEN2 V6.1.4.9之前版本、blueplanet 105 TL3所有版本、blueplanet 105 TL3 G
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Siemensblueplanet 100 NX3 M8 0 ~ * -
Siemensblueplanet 100 TL3 GEN2 0 ~ V6.1.4.9 -
Siemensblueplanet 105 TL3 0 ~ * -
Siemensblueplanet 105 TL3 GEN2 0 ~ V6.1.4.9 -
Siemensblueplanet 110 TL3 0 ~ * -
Siemensblueplanet 125 NX3 M11 0 ~ * -
Siemensblueplanet 125 TL3 0 ~ * -
Siemensblueplanet 125 TL3 GEN2 0 ~ V6.1.4.9 -
Siemensblueplanet 137 TL3 0 ~ * -
Siemensblueplanet 150 TL3 0 ~ * -
Siemensblueplanet 150 TL3 GEN2 0 ~ V6.1.4.9 -
Siemensblueplanet 155 TL3 0 ~ * -
Siemensblueplanet 155 TL3 GEN2 0 ~ V6.1.4.9 -
Siemensblueplanet 165 TL3 0 ~ * -
Siemensblueplanet 165 TL3 GEN2 0 ~ V6.1.4.9 -
Siemensblueplanet 25.0 NX3-33.0 NX3 0 ~ * -
Siemensblueplanet 3.0 NX3-20.0 NX3 0 ~ * -
Siemensblueplanet 3.0 TL3-60.0 TL3 0 ~ * -
Siemensblueplanet 3.0-5.0 NX1 0 ~ * -
Siemensblueplanet 360 NX3 M6 0 ~ * -
Siemensblueplanet 50.0 NX3-60.0 NX3 0 ~ * -
Siemensblueplanet 87.0 TL3 0 ~ * -
Siemensblueplanet 87.0 TL3 GEN2 0 ~ V6.1.4.9 -
Siemensblueplanet 92.0 TL3 0 ~ * -
Siemensblueplanet 92.0 TL3 GEN2 0 ~ V6.1.4.9 -
Siemensblueplanet gridsafe 110 TL3-S 0 ~ V3.91 -
Siemensblueplanet gridsafe 137 TL3-S 0 ~ V3.91 -
Siemensblueplanet gridsafe 92.0 TL3-S 0 ~ V3.91 -
Siemensblueplanet hybrid 10.0 TL3 0 ~ * -
Siemensblueplanet hybrid 6.0 NH3-12.0 NH3 0 ~ * -

II. Public POCs for CVE-2025-40946

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-40946

登录查看更多情报信息。

Same Patch Batch · Siemens · 2026-05-12 · 20 CVEs total

CVE-2025-409499.1 CRITICALSiemens多款产品 操作系统命令注入漏洞
CVE-2026-229249.1 CRITICALSiemens SIMATIC CN 4100 访问控制错误漏洞
CVE-2026-257869.1 CRITICALSiemens多款产品 跨站脚本漏洞
CVE-2026-257879.1 CRITICALSiemens SIMATIC 跨站脚本漏洞
CVE-2026-415519.1 CRITICALSiemens ROS# 安全漏洞
CVE-2026-444127.8 HIGHSiemens Solid Edge 安全漏洞
CVE-2026-444117.8 HIGHSiemens Solid Edge 缓冲区错误漏洞
CVE-2026-276627.7 HIGHSiemens SIMATIC HMI Comfort Panels 安全漏洞
CVE-2025-408337.5 HIGHSiemens多款产品 代码问题漏洞
CVE-2025-409477.5 HIGHSiemens RUGGEDCOM 操作系统命令注入漏洞
CVE-2026-229257.5 HIGHSiemens SIMATIC CN 4100 安全漏洞
CVE-2026-338937.5 HIGHSiemens多款产品 信任管理问题漏洞
CVE-2026-338627.3 HIGHSiemens Teamcenter 跨站脚本漏洞
CVE-2026-257897.1 HIGHSiemens多款产品 跨站脚本漏洞
CVE-2025-409486.8 MEDIUMSiemens多款产品 参数注入漏洞
CVE-2026-411256.0 MEDIUMSiemens多款产品 SQL注入漏洞
CVE-2024-540175.3 MEDIUMSiemens SIPROTEC 5 安全漏洞
CVE-2026-421775.3 MEDIUMlinux-entra-sso: PRT SSO cookie can leak to attacker-controlled hosts when broad host perm
CVE-2025-12659Heap-based buffer overflow in Siemens Simcenter Femap

IV. Related Vulnerabilities

Same product: blueplanet 100 NX3 M8
Same vendor: Siemens
Same weakness: CWE-321

V. Comments for CVE-2025-40946

No comments yet

Leave a comment