Error Handling Flaw in Altair Grid Engine from Vendor Altair
CVE-2025-40760

6.8MEDIUM

Key Information:

Vendor: Siemens
Status: Altair Grid Engine
Vendor: CVE Published:; 11 November 2025

What is CVE-2025-40760?

A vulnerability has been discovered in Altair Grid Engine that improperly handles error messages during user authentication processes. This flaw allows local attackers to gain access to sensitive password hash information used for privileged accounts. By exploiting this weakness, attackers can extract these hashes and potentially perform offline brute-force attacks, posing a significant security risk to the affected systems.

Affected Version(s)

Altair Grid Engine 0

References

https://cert-portal.siemens.com/productcert/html/ssa-5148...

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Nov 11, 2025
Vulnerability Reserved
Apr 16, 2025

JSON

Siemens

What is CVE-2025-40760?

Affected Version(s)

References

CVSS V4

Timeline