ID
VAR-202601-0370
CVE
CVE-2025-40942
DESCRIPTION
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.4). Affected application contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges.
Trust: 1.0
sources:
NVD: CVE-2025-40942
AFFECTED PRODUCTS
| vendor: | siemens | model: | telecontrol server basic | scope: | lt | version: | 3.1.2.4 | Trust: 1.0 |
sources:
NVD: CVE-2025-40942
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
NVD: CVE-2025-40942 //
NVD: CVE-2025-40942
PROBLEMTYPE DATA
| problemtype: | CWE-250 | Trust: 1.0 |
sources:
NVD: CVE-2025-40942
EXTERNAL IDS
| db: | SIEMENS | id: | SSA-192617 | Trust: 1.0 |
| db: | NVD | id: | CVE-2025-40942 | Trust: 1.0 |
sources:
NVD: CVE-2025-40942
REFERENCES
| url: | https://cert-portal.siemens.com/productcert/html/ssa-192617.html | Trust: 1.0 |
sources:
NVD: CVE-2025-40942
SOURCES
| db: | NVD | id: | CVE-2025-40942 |
LAST UPDATE DATE
2026-01-23T23:21:58.728000+00:00
SOURCES UPDATE DATE
| db: | NVD | id: | CVE-2025-40942 | date: | 2026-01-22T20:58:54.670 |
SOURCES RELEASE DATE
| db: | NVD | id: | CVE-2025-40942 | date: | 2026-01-13T10:15:58.283 |