CVE-2025-40737
Published: 08 July 2025
Summary
CVE-2025-40737 is a high-severity Path Traversal (CWE-22) vulnerability in Siemens SINEC NMS. Its CVSS base score is 8.7 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 17.2% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
A vulnerability identified as CVE-2025-40737 affects Siemens SINEC NMS in all versions prior to V4.0. The flaw arises from insufficient validation of file paths during extraction of uploaded ZIP archives, corresponding to CWE-22 path traversal. This permits an attacker to place arbitrary files in restricted directories on the server.
An authenticated user with network access can exploit the issue by uploading a malicious ZIP archive. Successful exploitation allows writing files outside intended directories, which may result in execution of code with elevated privileges on the affected system.
The Siemens security advisory available at https://cert-portal.siemens.com/productcert/html/ssa-078892.html supplies official guidance on mitigation steps, including recommended upgrades and any interim controls. The associated EPSS score has remained flat at 0.0172 with no material increase observed since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-20432
Vulnerability details
A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an attacker to write arbitrary files to restricted locations and potentially execute code with elevated privileges (ZDI-CAN-26571).
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Path traversal in ZIP extraction on a network-accessible app directly enables remote exploitation for RCE and privilege escalation; arbitrary file write facilitates web shell deployment.
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): Directly requires validation of file paths in uploaded ZIP files to block path traversal sequences and prevent arbitrary file writes to restricted locations.
- SI-2 (Flaw Remediation): Mandates timely flaw remediation by patching to SINEC NMS V4.0 or later, eliminating the vulnerability as recommended by the vendor advisory.
- Monitors and protects against unauthorized changes to files and information, mitigating arbitrary writes from path traversal and detecting potential code execution.
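The "Deeper analysis" section and the SI-10 control above both come down to one check: before an extractor writes an archive entry, it must confirm that the entry's resolved path still lies inside the intended extraction directory. The Python below is an added illustration of that check, written for this page; it is not Siemens code and makes no assumption about how SINEC NMS itself extracts uploads. The function names (`is_safe_member`, `safe_extract`, `build_sample_archive`, `demo`) and the sample archive contents are constructed for the example.

```python
import io
import tempfile
import zipfile
from pathlib import Path, PureWindowsPath
from typing import Dict, List, Tuple


def is_safe_member(name: str, dest) -> bool:
    """Return True only if archive entry `name` would land inside `dest`.

    This is the SI-10 style input check a ZIP extractor needs: reject
    absolute entry names (POSIX or Windows, including drive letters and
    UNC prefixes) and any entry whose resolved location is not `dest`
    itself or a descendant of it.
    """
    win = PureWindowsPath(name)
    if name.startswith(("/", "\\")) or win.drive or win.root:
        return False
    dest_resolved = Path(dest).resolve()
    # resolve() collapses ".." components, so "sub/../../x" is judged by
    # where it actually ends up rather than by how it is spelled.
    target = (dest_resolved / name).resolve()
    return target == dest_resolved or dest_resolved in target.parents


def safe_extract(archive: bytes, dest) -> Tuple[List[str], List[str]]:
    """Extract `archive` under `dest`, skipping entries that fail the path check.

    The unsafe pattern this replaces is writing to
    os.path.join(dest, info.filename) for every entry without first
    checking where that joined path points.
    """
    dest = Path(dest)
    extracted: List[str] = []
    rejected: List[str] = []
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for info in zf.infolist():
            if not is_safe_member(info.filename, dest):
                rejected.append(info.filename)
                continue
            target = dest / info.filename
            if info.is_dir():
                target.mkdir(parents=True, exist_ok=True)
            else:
                target.parent.mkdir(parents=True, exist_ok=True)
                with zf.open(info) as src, open(target, "wb") as out:
                    out.write(src.read())
            extracted.append(info.filename)
    return extracted, rejected


def build_sample_archive() -> bytes:
    """Constructed sample archive (not from the advisory): one benign entry
    and one whose name tries to climb out of the extraction directory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("config/settings.xml", "<settings/>")
        zf.writestr("../../outside.txt", "must never be written")
    return buf.getvalue()


def demo() -> Dict[str, object]:
    """Run the extractor on the sample archive inside a throwaway directory.

    `dest` is nested two levels below the temp root so that the escaping
    entry would resolve to a path still inside the temp root, which we can
    safely probe to confirm nothing was written there.
    """
    with tempfile.TemporaryDirectory() as tmp:
        dest = Path(tmp) / "staging" / "upload"
        dest.mkdir(parents=True)
        extracted, rejected = safe_extract(build_sample_archive(), dest)
        escape_target = (dest / "../../outside.txt").resolve()
        return {
            "extracted": extracted,
            "rejected": rejected,
            "inside_content": (dest / "config" / "settings.xml").read_text(),
            "escaped": escape_target.exists(),
        }


if __name__ == "__main__":
    print(demo())
```

Rejected entries are returned rather than silently dropped so the caller can log them; an archive containing any such entry is itself a strong detection signal for the SI-7 style monitoring described in the last control above. Note that the check resolves symlinks already present under `dest`, but it does not prevent a later entry from being written through a symlink created by an earlier one; Python's `zipfile` never creates symlinks, so that concern applies only to extractors that do.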