Description
The affected devices contain a null pointer dereference vulnerability while processing specially crafted IPv4 requests. This could allow an attacker to cause denial of service condition. A manual restart is required to recover the system.
Published: 2026-05-12
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability exists as a null pointer dereference triggered when the affected devices process specially crafted IPv4 packets. An attacker can send a carefully constructed packet over the network, causing the device to crash and become inoperable. This loss of service requires a manual restart to recover, directly impacting availability.

Affected Systems

The flaw affects a wide range of Siemens network equipment, including Internet‑Enabled/Power‑Backed LINK routers, RUGGEDCOM LTE routers, SCALANCE series switches and routers, and industrial controllers such as the SIMATIC ET 200S/200pro, S7‑1500, S7‑300, S7‑400, S7‑410 families, SINAMICS drives, SINUMERIK 840D, SIMIT units, and SITOP power supplies. Both embedded routers and Ethernet interfaces are impacted.

Risk and Exploitability

With a CVSS score of 8.7, the vulnerability is considered severe. No EPSS score is currently available, and the flaw is not listed in the CISA KEV catalog. It is likely exploitable through any network interface that accepts IPv4 traffic, requiring no special privileges. An attacker only needs the ability to reach the target device and can cause a denial of service that persists until a manual restart or firmware update is applied.

Generated by OpenCVE AI on May 12, 2026 at 10:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Download and install the latest firmware from the Siemens product support portal for all affected routers, switches and controllers.
  • If a firmware update is not yet available, schedule regular reboots or perform an immediate reboot after each observed crash to restore service.
  • Implement network segmentation or firewall rules to block unsolicited IPv4 traffic from untrusted sources until a permanent fix is applied.

Generated by OpenCVE AI on May 12, 2026 at 10:26 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 12 May 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 12 May 2026 09:30:00 +0000

Type Values Removed Values Added
Description The affected devices contain a null pointer dereference vulnerability while processing specially crafted IPv4 requests. This could allow an attacker to cause denial of service condition. A manual restart is required to recover the system.
Weaknesses CWE-476
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: siemens

Published:

Updated: 2026-05-12T13:31:06.530Z

Reserved: 2025-04-16T08:50:26.976Z

Link: CVE-2025-40833

cve-icon Vulnrichment

Updated: 2026-05-12T13:30:42.843Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-12T10:16:41.883

Modified: 2026-05-12T14:19:41.400

Link: CVE-2025-40833

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-12T10:30:13Z

Weaknesses