EUVD-2025-14675

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Vulnerability in Mendix OIDC SSO allows privilege misuse by unauthorized modification during development

Reporter	Title	Published	Views	Family All 10
ATTACKERKB	CVE-2025-40571	13 May 202510:15	–	attackerkb
Circl	CVE-2025-40571	13 May 202510:30	–	circl
CNNVD	Siemens Mendix OIDC SSO 安全漏洞	13 May 202500:00	–	cnnvd
CVE	CVE-2025-40571	13 May 202509:38	–	cve
Cvelist	CVE-2025-40571	13 May 202509:38	–	cvelist
ICS	Siemens Mendix OIDC SSO	13 May 202500:00	–	ics
NVD	CVE-2025-40571	13 May 202510:15	–	nvd
Positive Technologies	PT-2025-20866 · Mendix · Mendix Oidc Sso	13 May 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-40571	9 Jan 202610:58	–	redhatcve
Vulnrichment	CVE-2025-40571	13 May 202509:38	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "d39122e4-0f92-39ac-81fb-c592d94c7edb",
        "vendor": {
          "name": "Siemens"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "424dbb3e-31ed-3efe-a22d-d18e3cf525c9",
        "product": {
          "name": "Mendix OIDC SSO (Mendix 10.12 compatible)"
        },
        "product_version": "0 <V4.0.1"
      },
      {
        "id": "8caa2cba-4de5-380f-8a41-286b83cd839b",
        "product": {
          "name": "Mendix OIDC SSO (Mendix 9 compatible)"
        },
        "product_version": "0 <*"
      },
      {
        "id": "d6c6ddc4-df7a-3a16-bac5-e45eb000ddbd",
        "product": {
          "name": "Mendix OIDC SSO (Mendix 10 compatible)"
        },
        "product_version": "0 <V4.1.0"
      },
      {
        "id": "f1299101-5789-32fe-bc9c-165b921fcb07",
        "product": {
          "name": "Mendix OIDC SSO (Mendix 10 compatible)"
        },
        "product_version": "0 <V4.0.0"
      }
    ]
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/html/ssa-726617.html

03 Oct 2025 20:07Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.12.2

CVSS 42.1

EPSS0.00142

SSVC