MeldSecurity
Press Enter to search
CVE Database & Search →
Sign In Get Started

CVE-2025-40770

🔴 HIGH

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). The affected application uses a monitoring interface that is not operating in a strictly passive mode...

Published
Aug 12, 2025
Last Modified
Aug 12, 2025
Views
170
Bookmarks
0

Expert Analysis 1 reviews

Request Review

Expert Consensus

📅 Patch Soon
Albert Ross
Albert Ross ✅ Verified

CEO VMR LLC

Over a dozen years of experience leading VM at some of the largest enterprises on earth

Web Security • Penetration Testing • Cloud Security

Patch Soon
Test 2

This is a test :) 👌

<script>alert('hi');</script>

This is a test :) 👌

<script>alert('hi');</script>

💡 Mitigation Advice

This is a test :) 👌

<script>alert('hi');</script>

2 months ago
1
Sign in to vote
100% helpful 1 votes

Community Discussion

No comments yet. Be the first to share your thoughts!

Full Description

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). The affected application uses a monitoring interface that is not operating in a strictly passive mode. This could allow an attacker to interact with the interface, leading to man-in-the-middle attacks.

CVSS Scores

CVSS 3.1 7.4
7.4
HIGH
CVSS 2.0 7.4

References

cert-portal.siemens.com

Additional Information

Source
productcert@siemens.com
State
Undergoing analysis

Related CVEs

CVE-2025-12901

MEDIUM

The Asgaros Forum plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.1. This is due to missing...

Score: 4.3

CVE-2025-12833

MEDIUM

The GeoDirectory – WP Business Directory Plugin and Classified Listings Directory plugin for WordPress is vulnerable to Insecure Direct Object Referen...

Score: 4.3

CVE-2025-12087

MEDIUM

The Wishlist and Save for later for Woocommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and incl...

Score: 4.3

CVE-2025-54983

MEDIUM

A health check port on Zscaler Client Connector on Windows, versions 4.6 < 4.6.0.216 and 4.7 < 4.7.0.47, which under specific circumstances was not r...

Score: 5.2

CVE-2025-64531

HIGH

Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the co...

Score: 7.8

CVE-2025-61835

HIGH

Substance3D - Stager versions 3.1.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary...

Score: 7.8

Share CVE-2025-40770

Share on Social Media

Copy Link

Embed Code

Request Expert Analysis

Request a professional security analysis for CVE-2025-40770 from our verified experts.

Credits System

Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!

Add 3 credits for accelerated delivery

Base Cost: 8 credits
Priority Upgrade: + credits
SLA Acceleration: +3 credits
Total Cost:
Your Balance:

Insufficient Credits

You need more credits to submit this request.

Buy Credits

Report Analysis