CVE-2025-40937

CVE-2025-40937 affects Siemens SIMATIC CN 4100. Connected sources confirm a command-injection vulnerability due to insufficient REST API input validation, exploitable by an authenticated attacker to execute arbitrary code with limited privileges on all CN 4100 devices running versions older than ...