CVE-2025-40767 HIGH

CVE-2025-40767

Vendor Siemens

Product SINEC Traffic Analyzer

Weakness CWE-250

Published August 12, 2025

Last update August 12, 2025

View on NVD All CVEs

CVSS base score

7.8/10

Attack vector Local

Attack complexity High

Privileges required Low

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate security controls to enforce isolation. This could allow an attacker to gain elevated access, potentially accessing sensitive host system resources.

Key dates

02Disclosure timeline

August 12, 2025 CVE published

August 12, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-40767 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/250.html

Related vulnerabilities

CVE-2025-40767

01Description

02Disclosure timeline

03References

04Related CVE