Siemens has released a critical update for its SIMATIC ET 200SP communication processors, addressing an authentication vulnerability that could allow unauthenticated remote attackers to access configuration data.
The vulnerability, tracked as CVE-2025-40771, carries a CVSS v3.1 base score of 9.8.
“SIMATIC ET 200SP communication processors (CP 1542SP-1, CP 1542SP-1 IRC and CP 1543SP-1, incl. SIPLUS variants) contain an authentication vulnerability that could allow an unauthenticated remote attacker to access the configuration data,” Siemens stated in its advisory.
The vulnerability affects the following devices and all versions prior to V2.4.24:
- SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0)
- SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0)
- SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0)
- SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0)
- SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0)
- SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0)
Siemens has issued fixed firmware versions V2.4.24 and later for all affected models.
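For triage, the affected order numbers and the V2.4.24 threshold above can be checked against an asset inventory. The following is an added example, not Siemens code; the CSV column names, hostnames and the non-affected placeholder row are constructed assumptions. Versions are compared numerically because a plain string comparison would rank V2.4.8 above V2.4.24.

```python
import csv
import io
import re

# Order numbers and fixed version as listed in the advisory text above.
AFFECTED = {
    "6GK7542-6UX00-0XE0": "SIMATIC CP 1542SP-1",
    "6GK7542-6VX00-0XE0": "SIMATIC CP 1542SP-1 IRC",
    "6GK7543-6WX00-0XE0": "SIMATIC CP 1543SP-1",
    "6AG2542-6VX00-4XE0": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
    "6AG1543-6WX00-7XE0": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
    "6AG2543-6WX00-4XE0": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
}
FIXED = (2, 4, 24)

def parse_version(text):
    """Turn 'V2.4.24', 'v2.3' or '2.4.8' into a 3-part int tuple; None if unparsable."""
    m = re.fullmatch(r"\s*[Vv]?(\d+(?:\.\d+){0,2})\s*", text or "")
    if not m:
        return None
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def triage(inventory_csv):
    """Return (host, model, firmware, status) for each affected order number."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        mlfb = row["order_number"].strip().upper()
        if mlfb not in AFFECTED:
            continue
        version = parse_version(row["firmware"])
        if version is None:
            status = "UNKNOWN_VERSION"  # treat as exposed until verified
        else:
            status = "VULNERABLE" if version < FIXED else "FIXED"
        findings.append((row["host"], AFFECTED[mlfb], row["firmware"], status))
    return findings

# Constructed sample inventory (hypothetical hosts; last row is a placeholder).
SAMPLE = """host,order_number,firmware
cp-line1,6GK7543-6WX00-0XE0,V2.4.8
cp-line2,6GK7542-6UX00-0XE0,V2.4.24
cp-rail3,6ag2543-6wx00-4xe0,v2.3
cp-line4,6GK7542-6VX00-0XE0,
other-dev,PLACEHOLDER-NOT-AFFECTED,V1.0.0
"""
if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(*finding, sep="\t")
```

Devices reported as `VULNERABLE` or `UNKNOWN_VERSION` are the ones to update first or to place behind the trusted-IP restriction Siemens describes.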
The vulnerability arises because affected devices “do not properly authenticate configuration connections”, allowing an unauthenticated attacker on the network to access or manipulate configuration data remotely.
According to Siemens, the vulnerability stems from CWE-306: Missing Authentication for Critical Function, meaning the authentication mechanism on key configuration interfaces was incomplete or missing altogether.
The company warns that exploitation “could allow an unauthenticated remote attacker to access configuration data,” potentially compromising device integrity or enabling further attacks across the control network.
The affected communication processors — including SIMATIC CP 1543SP-1 and CP 1542SP-1 IRC — are used to connect ET 200SP controllers to Ethernet networks, providing essential connectivity between industrial control systems and enterprise networks. Given that these devices are deployed in automation environments, unauthorized access could potentially disrupt operational processes or expose critical control configurations.
Siemens strongly recommends that customers update to firmware version V2.4.24 or later. For organizations unable to patch immediately, the company provides specific mitigation steps: “Restrict access to the affected systems to trusted IP addresses only.”
Additionally, Siemens emphasizes applying its operational guidelines for Industrial Security, which include isolating devices within protected networks and enabling strong access control measures.