Null Pointer Dereference Vulnerability in Siemens Products
CVE-2025-40833

8.7HIGH

Key Information:

Vendor: Siemens
Status: Ie/pb Link Ha; Ie/pb Link Pn Io; Ruggedcom Rm1224 Lte(4g) Eu; Ruggedcom Rm1224 Lte(4g) Nam
Vendor: CVE Published:; 12 May 2026

What is CVE-2025-40833?

The vulnerability exists in several Siemens devices that process specially crafted IPv4 requests. A null pointer dereference can occur, leading to a denial of service. This situation necessitates a manual restart to restore system functionality. Organizations utilizing affected Siemens products should assess their network configurations and apply necessary updates to mitigate potential disruptions.

Affected Version(s)

IE/PB LINK HA 0

IE/PB link PN IO 0

RUGGEDCOM RM1224 LTE(4G) EU 0

References

https://cert-portal.siemens.com/productcert/html/ssa-3923...

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2026
Vulnerability Reserved
Apr 16, 2025

CVE-2025-40833 Data

JSON