CVE-2025-40569

A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions < V3.2), SCALANCE XCM324 (6GK5324-8TS01-2AC2) (All versions < V3.2), SCALANCE XCM328 (6GK5328-4TS01-2AC2) (All versions < V3.2), SCALANCE XCM332 (6GK5332-0GA01-2AC2) (All versions < V3.2), SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) (All versions < V3.2). The "Load Configuration from Local PC" functionality in the web interface of affected products contains a race condition vulnerability. This could allow an authenticated remote attacker to make the affected product load an attacker controlled configuration instead of the legitimate one. Successful exploitation requires that a legitimate administrator invokes the functionality and the attacker wins the race condition.

CVSS v3 4.8 MEDIUM

4.8^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://cert-portal.siemens.com/productcert/html/ssa-693776.html

Configurations

No configuration.

History

No history.

Information

Published : 2025-06-10 16:15

Updated : 2026-01-13 10:15

NVD link : CVE-2025-40569

Mitre link : CVE-2025-40569

CVE.ORG link : CVE-2025-40569

JSON object : View

Products Affected

No product.

CWE

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

{"id": "CVE-2025-40569", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "productcert@siemens.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.2}], "cvssMetricV40": [{"type": "Secondary", "source": "productcert@siemens.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.9, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-06-10T16:15:38.727", "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-693776.html", "source": "productcert@siemens.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "productcert@siemens.com", "description": [{"lang": "en", "value": "CWE-362"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions < V3.2), SCALANCE XCM324 (6GK5324-8TS01-2AC2) (All versions < V3.2), SCALANCE XCM328 (6GK5328-4TS01-2AC2) (All versions < V3.2), SCALANCE XCM332 (6GK5332-0GA01-2AC2) (All versions < V3.2), SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) (All versions < V3.2). The \"Load Configuration from Local PC\" functionality in the web interface of affected products contains a race condition vulnerability. This could allow an authenticated remote attacker to make the affected product load an attacker controlled configuration instead of the legitimate one. Successful exploitation requires that a legitimate administrator invokes the functionality and the attacker wins the race condition."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RST2428P (6GK6242-6PA00) (Todas las versiones < V3.2), SCALANCE XC316-8 (6GK5324-8TS00-2AC2) (Todas las versiones < V3.2), SCALANCE XC324-4 (6GK5328-4TS00-2AC2) (Todas las versiones < V3.2), SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) (Todas las versiones < V3.2), SCALANCE XC332 (6GK5332-0GA00-2AC2) (Todas las versiones < V3.2), SCALANCE XC416-8 (6GK5424-8TR00-2AC2) (Todas las versiones < V3.2), SCALANCE XC424-4 (6GK5428-4TR00-2AC2) (Todas las versiones < V3.2), SCALANCE XC432 (6GK5432-0GR00-2AC2) (Todas las versiones < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (Todas las versiones < V3.2), SCALANCE XCM324 (6GK5324-8TS01-2AC2) (Todas las versiones < V3.2), SCALANCE XCM328 (6GK5328-4TS01-2AC2) (Todas las versiones < V3.2), SCALANCE XCM332 (6GK5332-0GA01-2AC2) (Todas las versiones < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-2AR3) (Todas las versiones < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-3AR3) (Todas las versiones < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-4AR3) (Todas las versiones < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-2AR3) (Todas las versiones < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-3AR3) (Todas las versiones < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-4AR3) (Todas las versiones < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-2AR3) (Todas las versiones < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-3AR3) (Todas las versiones < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-4AR3) (Todas las versiones < V3.2), SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) (Todas las versiones < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-2AR3) (Todas las versiones < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-3AR3) (Todas las versiones < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-4AR3) (Todas las versiones < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-2AR3) (Todas las versiones < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-3AR3) (Todas las versiones < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-4AR3) (Todas las versiones < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-2AR3) (Todas las versiones < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-3AR3) (Todas las versiones < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-4AR3) (Todas las versiones < V3.2), SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) (Todas las versiones < V3.2), SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) (Todas las versiones < V3.2), SCALANCE XRM334 (230 V CA, 8xFO) (6GK5334-2TS01-3AR3) (Todas las versiones < V3.2), SCALANCE XRM334 (230 V CA, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) (Todas las versiones < V3.2), SCALANCE XRM334 (24 V CC, 12xFO) (6GK5334-3TS01-2AR3) (Todas las versiones < V3.2), SCALANCE XRM334 (24 V CC, 8xFO) (6GK5334-2TS01-2AR3) (Todas las versiones < V3.2), SCALANCE XRM334 (24 V CC, 2 x 10 G, 24 x SFP, 8 x SFP+) (6GK5334-5TS01-2AR3) (Todas las versiones anteriores a la V3.2), SCALANCE XRM334 (2 x 230 V CA, 12 x FO) (6GK5334-3TS01-4AR3) (Todas las versiones anteriores a la V3.2), SCALANCE XRM334 (2 x 230 V CA, 8 x FO) (6GK5334-2TS01-4AR3) (Todas las versiones anteriores a la V3.2), SCALANCE XRM334 (2 x 230 V CA, 2 x 10 G, 24 x SFP, 8 x SFP+) (6GK5334-5TS01-4AR3) (Todas las versiones anteriores a la V3.2). La funci\u00f3n \"Cargar configuraci\u00f3n desde el PC local\" en la interfaz web de los productos afectados contiene una vulnerabilidad de condici\u00f3n de ejecuci\u00f3n. Esto podr\u00eda permitir que un atacante remoto autenticado haga que el producto afectado cargue una configuraci\u00f3n controlada por el atacante en lugar de la leg\u00edtima. Para explotar esta vulnerabilidad con \u00e9xito, es necesario que un administrador leg\u00edtimo invoque la funcionalidad y que el atacante supere la condici\u00f3n de ejecuci\u00f3n."}], "lastModified": "2026-01-13T10:15:57.920", "sourceIdentifier": "productcert@siemens.com"}