Vulnerability in SINEC Traffic Analyzer Affects Siemens Products
CVE-2025-40770

7.5HIGH

Key Information:

Vendor: Siemens
Status: Sinec Traffic Analyzer
Vendor: CVE Published:; 12 August 2025

What is CVE-2025-40770?

A vulnerability exists in SINEC Traffic Analyzer, where the monitoring interface does not operate solely in a passive mode. This flaw can enable attackers to interact with the interface, potentially leading to man-in-the-middle attacks. As such, unauthorized users may gain the ability to intercept and manipulate data transmitted between trusted parties, posing significant security risks.

Affected Version(s)

SINEC Traffic Analyzer 0

References

https://cert-portal.siemens.com/productcert/html/ssa-5173...

CVSS V4

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 12, 2025
Vulnerability Reserved
Apr 16, 2025