PatchSiren

PatchSiren cyber security CVE debrief

CVE-2025-40593 Siemens CVE debrief

CVE-2025-40593 is a medium-severity (CVSS v3.1 6.5) vulnerability in Siemens SIMATIC CN 4100. According to the CISA CSAF advisory, an attacker with low-privileged access to the device’s SFTP service can store arbitrary files in the SFTP folder and cause a denial-of-service condition. Siemens fixes the issue in V4.0 or later.

Vendor
Siemens
Product
SIMATIC CN 4100
CVSS
MEDIUM 6.5
CISA KEV
Not listed in stored evidence
Original CVE published
2025-07-08
Original CVE updated
2025-07-08
Advisory published
2025-07-08
Advisory updated
2025-07-08

Who should care

Operators and administrators of Siemens SIMATIC CN 4100 devices, especially environments that expose or rely on the device’s SFTP functionality, should review this advisory promptly. Industrial control and OT teams should also confirm whether the affected product is deployed in production networks.

Technical summary

The advisory gives the CVSS v3.1 vector AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (base score 6.5): the issue is reachable over the network, has low attack complexity, requires an authenticated low-privileged account, needs no user interaction and does not change scope; it has no confidentiality or integrity impact but a high availability impact. The stated impact is denial of service caused by storing arbitrary files in the device’s SFTP folder. The advisory does not describe how the stored files disrupt the device and provides no technical detail beyond that behavior.

Defensive priority

Medium. The issue is publicly disclosed, affects availability only, requires an authenticated low-privileged account, and has a vendor fix available. Prioritize remediation where the device is operationally important, where its SFTP service is reachable from outside the control network, or where SFTP accounts are shared or weakly protected.

Recommended defensive actions

  • Update Siemens SIMATIC CN 4100 to V4.0 or later, per the vendor remediation guidance.
  • Restrict network access to the device’s SSH/SFTP service to trusted administrative hosts, and limit SFTP accounts to the users who need them, since the reported vector requires a low-privileged account.
  • Monitor the SFTP folder for unexpected files or growth in stored data, and monitor the device for signs of service disruption.
  • Review OT network segmentation and access controls around the affected device.
  • Test the V4.0 update on a non-production unit where possible, then deploy it in a maintenance window consistent with industrial operations.
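As an added example of the monitoring step (written for this debrief; not code from PatchSiren, Siemens or CISA), the function below audits a long-format directory listing of the SFTP folder against an allowlist of expected files and a storage budget. It assumes the administrator captures the listing with `ls -l` in an sftp client, that the file names in the baseline are the ones expected on the device, and that a total-size threshold is a useful signal; the advisory does not say how stored files cause the denial of service, so the byte budget is an assumption rather than a documented trigger. The sample listing and budget are constructed.

```python
"""Audit an SFTP folder listing for unexpected uploads (added example, not advisory code)."""
import re
from dataclasses import dataclass

# One `ls -l` line: mode, link count, owner, group, size, three date fields, name.
LISTING_RE = re.compile(
    r"^(?P<mode>[-dl][rwxsStT-]{9})\s+\d+\s+\S+\s+\S+\s+(?P<size>\d+)\s+"
    r"\S+\s+\S+\s+\S+\s+(?P<name>.+)$"
)


@dataclass(frozen=True)
class Finding:
    kind: str    # "unexpected_file", "size_budget_exceeded" or "unparsed_line"
    detail: str


def parse_listing(text: str) -> dict:
    """Return {"files": {name: size}, "unparsed": [lines]}; directories and links are skipped."""
    files, unparsed = {}, []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("sftp>") or line.startswith("total "):
            continue
        m = LISTING_RE.match(line)
        if not m:
            unparsed.append(line)      # keep it visible; a new format is itself worth a look
            continue
        if m.group("mode").startswith("-"):
            files[m.group("name")] = int(m.group("size"))
    return {"files": files, "unparsed": unparsed}


def audit_listing(text: str, baseline: set, max_total_bytes: int) -> list:
    """Flag files not in the baseline, total storage over budget, and unparsable lines."""
    parsed = parse_listing(text)
    findings = []
    for name, size in sorted(parsed["files"].items()):
        if name not in baseline:
            findings.append(Finding("unexpected_file", f"{name} ({size} bytes)"))
    total = sum(parsed["files"].values())
    if total > max_total_bytes:
        findings.append(Finding("size_budget_exceeded", f"{total} bytes > {max_total_bytes} bytes"))
    for line in parsed["unparsed"]:
        findings.append(Finding("unparsed_line", line))
    return findings


# Constructed sample listing; not captured from a real device.
SAMPLE_LISTING = """\
sftp> ls -l
drwxr-xr-x    2 admin    admin        4096 Jul  8 09:00 .
-rw-r--r--    1 admin    admin       18204 Jul  8 09:05 config_export.xml
-rw-r--r--    1 admin    admin     5242880 Jul  8 09:06 firmware_backup.bin
-rw-r--r--    1 user     user    104857600 Jul  8 11:42 upload_0001.dat
-rw-r--r--    1 user     user    104857600 Jul  8 11:43 upload_0002.dat
"""
BASELINE = {"config_export.xml", "firmware_backup.bin"}   # assumed expected contents
MAX_TOTAL_BYTES = 64 * 1024 * 1024                        # assumed storage budget


if __name__ == "__main__":
    for finding in audit_listing(SAMPLE_LISTING, BASELINE, MAX_TOTAL_BYTES):
        print(f"{finding.kind}: {finding.detail}")
```

Run against the sample, the audit reports the two `upload_*.dat` files written by the low-privileged account and the exceeded budget. In practice the listing would be collected on a schedule from an administrative host and the findings forwarded to the SIEM, with any hit on a production device treated as a reason to check for the V4.0 update and to review who holds SFTP credentials.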

Evidence notes

All claims in this debrief are taken from the supplied CISA CSAF advisory record for ICSA-25-191-04 and its linked Siemens advisory references. The source describes the issue as arbitrary file storage in the SFTP folder leading to denial of service, and lists the remediation as updating to V4.0 or later. No KEV entry is associated with this CVE in the supplied data.

Official resources

Publicly disclosed on 2025-07-08 via CISA advisory ICSA-25-191-04 and the associated Siemens product advisory.