- Description
- A vulnerability has been identified in SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions). The affected device do not properly restrict the user permission for the registry key. This could allow an authenticated attacker to load vulnerable drivers into the system leading to privilege escalation or bypassing endpoint protection and other security measures.
- Source
- productcert@siemens.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 7.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 7
- Impact score
- 5.9
- Exploitability score
- 1
- Vector string
- CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- productcert@siemens.com
- CWE-732
- Hype score
- Not currently trending
🚨 CVE-2025-23403 🔴 HIGH (7) 🏢 Siemens - SIMATIC IPC DiagBase 🏗️ 0 🔗 https://t.co/sLeR1aPrn8 #CyberCron #VulnAlert https://t.co/dEomDJCyTK
@cybercronai
12 Feb 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2025-23403 | Siemens SIMATIC IPC DiagBase/SIMATIC IPC DiagMonitor permission assignment (ssa-369369)) has been published on https://t.co/B73yM7ChTK
@WolfgangSesin
11 Feb 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-23403 A vulnerability has been identified in SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions). The affected device do not properly restrict the u… https://t.co/YK7jbwHvZD
@CVEnew
11 Feb 2025
223 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes