CVE-2025-40556

🗓️ 13 May 2025 09:38:51Reported by siemensType

CVE-2025-40556 allows denial of service via crafted BACnet MSTP messages on ATEC devices.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2025-40556	13 May 202510:30	–	circl
CNNVD	Siemens BACnet ATEC 输入验证错误漏洞	13 May 202500:00	–	cnnvd
CVE	CVE-2025-40556	13 May 202509:38	–	cve
EUVD	EUVD-2025-14681	3 Oct 202520:07	–	euvd
ICS	Siemens BACnet ATEC Devices	13 May 202500:00	–	ics
NCSC	Vulnerabilities fixed in Siemens products	14 May 202507:13	–	ncsc
NVD	CVE-2025-40556	13 May 202510:15	–	nvd
Positive Technologies	PT-2025-20864 · Unknown · Bacnet Atec 550-441 +3	13 May 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-40556	9 Jan 202608:45	–	redhatcve
Vulnrichment	CVE-2025-40556	13 May 202509:38	–	vulnrichment

[
  {
    "vendor": "Siemens",
    "product": "BACnet ATEC 550-440",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "BACnet ATEC 550-441",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "BACnet ATEC 550-445",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "BACnet ATEC 550-446",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/html/ssa-828116.html

13 May 2025 09:38Current

CVSS 3.16.5

CVSS 47.1

EPSS0.00205

CWE-20