CVE-2025-40946
Essential information
- Published
- 12/05/2026 10:16
- Modified
- 12/05/2026 14:19
- Author
- —
- Creator
- —
- CVSS
- 7.2 HIGH (v3) 7.2 HIGH (v4.0)
- CISA KEV
- No
- CWE
- —
- CVSS vector
-
—
—
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CVSS metrics
- Access vector
- —
- Access complexity
- —
- Authentication
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploitability
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- —
- Attack complexity
- —
- Privileges required
- —
- User interaction
- —
- Scope
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploit code maturity
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- ADJACENT
- Attack complexity
- LOW
- Attack requirements
- NONE
- Privileges required
- NONE
- User interaction
- NONE
- Confidentiality (V)
- LOW
- Confidentiality (S)
- NONE
- Integrity (V)
- HIGH
- Integrity (S)
- NONE
- Availability (V)
- HIGH
- Availability (S)
- NONE
- Exploit maturity
- NOT_DEFINED
Description
A vulnerability has been identified in blueplanet 100 NX3 M8 (All versions), blueplanet 100 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 105 TL3 (All versions), blueplanet 105 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 110 TL3 (All versions), blueplanet 125 NX3 M11 (All versions), blueplanet 125 TL3 (All versions), blueplanet 125 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 137 TL3 (All versions), blueplanet 150 TL3 (All versions), blueplanet 150 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 155 TL3 (All versions), blueplanet 155 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 165 TL3 (All versions), blueplanet 165 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 25.0 NX3-33.0 NX3 (All versions), blueplanet 3.0 NX3-20.0 NX3 (All versions), blueplanet 3.0 TL3-60.0 TL3 (All versions), blueplanet 3.0-5.0 NX1 (All versions), blueplanet 360 NX3 M6 (All versions), blueplanet 50.0 NX3-60.0 NX3 (All versions), blueplanet 87.0 TL3 (All versions), blueplanet 87.0 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 92.0 TL3 (All versions), blueplanet 92.0 TL3 GEN2 (All versions < V6.1.4.9), blueplanet gridsafe 110 TL3-S (All versions < V3.91), blueplanet gridsafe 137 TL3-S (All versions < V3.91), blueplanet gridsafe 92.0 TL3-S (All versions < V3.91), blueplanet hybrid 10.0 TL3 (All versions), blueplanet hybrid 6.0 NH3-12.0 NH3 (All versions). A CRC16-based algorithm for generating Technical Service credentials could allow an attacker to derive the credentials from the devices serial number and misuse them to gain unauthorized access.
NVD status
- Status
- Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
- Source
- [email protected]
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| siemens / blueplanet 100 nx3 m8 | cpe:2.3:a:siemens:blueplanet_100_nx3_m8:*:*:*:*:*:*:*:* |
| siemens / blueplanet 100 tl3 gen2 | cpe:2.3:a:siemens:blueplanet_100_tl3_gen2:<6.1.4.9:*:*:*:*:*:*:* |
| siemens / blueplanet 105 tl3 | cpe:2.3:a:siemens:blueplanet_105_tl3:*:*:*:*:*:*:*:* |
| siemens / blueplanet 105 tl3 gen2 | cpe:2.3:a:siemens:blueplanet_105_tl3_gen2:<6.1.4.9:*:*:*:*:*:*:* |
| siemens / blueplanet 110 tl3 | cpe:2.3:a:siemens:blueplanet_110_tl3:*:*:*:*:*:*:*:* |
| siemens / blueplanet 125 nx3 m11 | cpe:2.3:a:siemens:blueplanet_125_nx3_m11:*:*:*:*:*:*:*:* |
| siemens / blueplanet 125 tl3 | cpe:2.3:a:siemens:blueplanet_125_tl3:*:*:*:*:*:*:*:* |
| siemens / blueplanet 125 tl3 gen2 | cpe:2.3:a:siemens:blueplanet_125_tl3_gen2:<6.1.4.9:*:*:*:*:*:*:* |
| siemens / blueplanet 137 tl3 | cpe:2.3:a:siemens:blueplanet_137_tl3:*:*:*:*:*:*:*:* |
| siemens / blueplanet 150 tl3 | cpe:2.3:a:siemens:blueplanet_150_tl3:*:*:*:*:*:*:*:* |
| siemens / blueplanet 150 tl3 gen2 | cpe:2.3:a:siemens:blueplanet_150_tl3_gen2:<6.1.4.9:*:*:*:*:*:*:* |
| siemens / blueplanet 155 tl3 | cpe:2.3:a:siemens:blueplanet_155_tl3:*:*:*:*:*:*:*:* |
| siemens / blueplanet 155 tl3 gen2 | cpe:2.3:a:siemens:blueplanet_155_tl3_gen2:<6.1.4.9:*:*:*:*:*:*:* |
| siemens / blueplanet 165 tl3 | cpe:2.3:a:siemens:blueplanet_165_tl3:*:*:*:*:*:*:*:* |
| siemens / blueplanet 165 tl3 gen2 | cpe:2.3:a:siemens:blueplanet_165_tl3_gen2:<6.1.4.9:*:*:*:*:*:*:* |
| siemens / blueplanet 25.0 nx3-33.0 nx3 | cpe:2.3:a:siemens:blueplanet_25.0_nx3-33.0_nx3:*:*:*:*:*:*:*:* |
| siemens / blueplanet 3.0 nx3-20.0 nx3 | cpe:2.3:a:siemens:blueplanet_3.0_nx3-20.0_nx3:*:*:*:*:*:*:*:* |
| siemens / blueplanet 3.0 tl3-60.0 tl3 | cpe:2.3:a:siemens:blueplanet_3.0_tl3-60.0_tl3:*:*:*:*:*:*:*:* |
| siemens / blueplanet 3.0-5.0 nx1 | cpe:2.3:a:siemens:blueplanet_3.0-5.0_nx1:*:*:*:*:*:*:*:* |
| siemens / blueplanet 360 nx3 m6 | cpe:2.3:a:siemens:blueplanet_360_nx3_m6:*:*:*:*:*:*:*:* |
| siemens / blueplanet 50.0 nx3-60.0 nx3 | cpe:2.3:a:siemens:blueplanet_50.0_nx3-60.0_nx3:*:*:*:*:*:*:*:* |
| siemens / blueplanet 87.0 tl3 | cpe:2.3:a:siemens:blueplanet_87.0_tl3:*:*:*:*:*:*:*:* |
| siemens / blueplanet 87.0 tl3 gen2 | cpe:2.3:a:siemens:blueplanet_87.0_tl3_gen2:<6.1.4.9:*:*:*:*:*:*:* |
| siemens / blueplanet 92.0 tl3 | cpe:2.3:a:siemens:blueplanet_92.0_tl3:*:*:*:*:*:*:*:* |
| siemens / blueplanet 92.0 tl3 gen2 | cpe:2.3:a:siemens:blueplanet_92.0_tl3_gen2:<6.1.4.9:*:*:*:*:*:*:* |
| siemens / blueplanet gridsafe 110 tl3-s | cpe:2.3:a:siemens:blueplanet_gridsafe_110_tl3-s:<3.91:*:*:*:*:*:*:* |
| siemens / blueplanet gridsafe 137 tl3-s | cpe:2.3:a:siemens:blueplanet_gridsafe_137_tl3-s:<3.91:*:*:*:*:*:*:* |
| siemens / blueplanet gridsafe 92.0 tl3-s | cpe:2.3:a:siemens:blueplanet_gridsafe_92.0_tl3-s:<3.91:*:*:*:*:*:*:* |
| siemens / blueplanet hybrid 10.0 tl3 | cpe:2.3:a:siemens:blueplanet_hybrid_10.0_tl3:*:*:*:*:*:*:*:* |
| siemens / blueplanet hybrid 6.0 nh3-12.0 nh3 | cpe:2.3:a:siemens:blueplanet_hybrid_6.0_nh3-12.0_nh3:*:*:*:*:*:*:*:* |