Siemens SIMATIC CN 4100

Monitor | CVSS 6.5 | ICS-CERT ICSA-25-191-04 | Jul 8, 2025
Siemens
Attack path
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

A vulnerability in Siemens SIMATIC CN 4100 (versions before V4.0) could allow an authenticated attacker on the network to cause a denial of service condition by sending a specially crafted input that is not properly validated. This would crash the engineering console and make it unavailable for configuration and monitoring tasks. Siemens has released firmware version V4.0 and recommends all users update to this version or later.

What this means
What could happen
An attacker with network access and valid credentials could crash the SIMATIC CN 4100 engineering console, interrupting configuration and monitoring of connected industrial equipment.
Who's at risk
This vulnerability affects users of Siemens SIMATIC CN 4100, an engineering console used to configure and manage SIMATIC automation systems. Site managers responsible for industrial automation systems, particularly in manufacturing, utilities, and process industries, who use this device for system configuration and troubleshooting should prioritize this update.
How it could be exploited
An attacker on the network sends a specially crafted input to the CN 4100 device running a version before V4.0. The device fails to properly validate the input, crashes, and becomes unavailable until restarted. This requires the attacker to have network access to the device and valid login credentials.
Prerequisites
  • Network access to SIMATIC CN 4100 device
  • Valid engineering workstation credentials to authenticate to the device
  • CN 4100 running firmware version prior to V4.0
  • Remotely exploitable
  • Requires authentication
  • Low complexity attack
  • Affects control system engineering capability
  • Denial of service impact
Exploitability
Unlikely to be exploited — EPSS score 0.3%
Affected products (1)
Product | Affected Versions | Fix Status
SIMATIC CN 4100 | < V4.0 | 4.0
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to the SIMATIC CN 4100 to only authorized engineering workstations and control system networks
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update SIMATIC CN 4100 to firmware version V4.0 or later
Long-term hardening
HARDENING: Place the CN 4100 on a protected control system network, isolated from the business/IT network with a firewall boundary