Denial-of-Service Vulnerability in Siemens SIMATIC ET 200 Products
CVE-2025-40944

8.7HIGH

Key Information:

Vendor: Siemens
Status: Simatic Et 200al Im 157-1 Pn; Simatic Et 200mp Im 155-5 Pn Hf; Simatic Et 200sp Im 155-6 Mf Hf; Simatic Et 200sp Im 155-6 Pn Ha (incl. Siplus Variants)
Vendor: CVE Published:; 13 January 2026

What is CVE-2025-40944?

A vulnerability in Siemens SIMATIC ET 200 products has been identified where affected devices fail to properly manage S7 protocol session disconnect requests. When a valid Disconnect Request is received on TCP port 102, these devices may enter an improper session state, leading to a denial-of-service condition. This issue necessitates a power cycle to restore normal operations, potentially impacting critical functions and uptime.

Affected Version(s)

SIMATIC ET 200AL IM 157-1 PN 0

SIMATIC ET 200MP IM 155-5 PN HF V4.2.0

SIMATIC ET 200SP IM 155-6 MF HF 0

References

https://cert-portal.siemens.com/productcert/html/ssa-6747...

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 13, 2026
Vulnerability Reserved
Apr 16, 2025

CVE-2025-40944 Data

JSON