Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-32422

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-18 Jun, 2026 | 16:12
Updated At-18 Jun, 2026 | 18:53
Rejected At-
Credits

AutoGPT has a DoS vulnerability in FileStoreBlock with StepThroughItemsBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, `StepThroughItemsBlock` can iterate all the contents in a list and send them to `FileStoreBlock` for downloading one by one. Although `FileStoreBlock` has access time limits for downloading files, `StepThroughItemsBlock` can be used to slowly iterate and download relatively small files (e.g., 100M) multiple times. `StepThroughItemsBlock` does not limit the number of loops. In addition, `FileStoreBlock` does not limit the amount of disk space consumed in the current working directory. When a malicious user chooses to download too many videos, the disk space will eventually run out, causing a DoS. Version 0.6.63 patches the issue.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:18 Jun, 2026 | 16:12
Updated At:18 Jun, 2026 | 18:53
Rejected At:
▼CVE Numbering Authority (CNA)
AutoGPT has a DoS vulnerability in FileStoreBlock with StepThroughItemsBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, `StepThroughItemsBlock` can iterate all the contents in a list and send them to `FileStoreBlock` for downloading one by one. Although `FileStoreBlock` has access time limits for downloading files, `StepThroughItemsBlock` can be used to slowly iterate and download relatively small files (e.g., 100M) multiple times. `StepThroughItemsBlock` does not limit the number of loops. In addition, `FileStoreBlock` does not limit the amount of disk space consumed in the current working directory. When a malicious user chooses to download too many videos, the disk space will eventually run out, causing a DoS. Version 0.6.63 patches the issue.

Affected Products
Vendor
Significant-Gravitas
Product
AutoGPT
Versions
Affected
  • < 0.6.63
Problem Types
TypeCWE IDDescription
CWECWE-400CWE-400: Uncontrolled Resource Consumption
Type: CWE
CWE ID: CWE-400
Description: CWE-400: Uncontrolled Resource Consumption
Metrics
VersionBase scoreBase severityVector
4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-9fr4-9jj9-mhh6
x_refsource_CONFIRM
Hyperlink: https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-9fr4-9jj9-mhh6
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-9fr4-9jj9-mhh6
exploit
Hyperlink: https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-9fr4-9jj9-mhh6
Resource:
exploit
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:18 Jun, 2026 | 17:16
Updated At:18 Jun, 2026 | 20:16

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, `StepThroughItemsBlock` can iterate all the contents in a list and send them to `FileStoreBlock` for downloading one by one. Although `FileStoreBlock` has access time limits for downloading files, `StepThroughItemsBlock` can be used to slowly iterate and download relatively small files (e.g., 100M) multiple times. `StepThroughItemsBlock` does not limit the number of loops. In addition, `FileStoreBlock` does not limit the amount of disk space consumed in the current working directory. When a malicious user chooses to download too many videos, the disk space will eventually run out, causing a DoS. Version 0.6.63 patches the issue.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
N/A
Type: Secondary
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-400Secondarysecurity-advisories@github.com
CWE ID: CWE-400
Type: Secondary
Source: security-advisories@github.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-9fr4-9jj9-mhh6security-advisories@github.com
N/A
https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-9fr4-9jj9-mhh6134c704f-9b21-4f2e-91b3-4a467353bcc0
N/A
Hyperlink: https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-9fr4-9jj9-mhh6
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-9fr4-9jj9-mhh6
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

65Records found
CVE-2025-41360
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
ShareView Details
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
CVSS Score-8.7||HIGH
EPSS-0.34% / 25.21%
||
7 Day CHG~0.00%
Published-06 Jun, 2025 | 11:45
Updated-06 Jun, 2025 | 14:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Uncontrolled resource consumption vulnerability in IDF and ZLF

Uncontrolled resource consumption vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. The device is vulnerable to a packet flooding denial of service attack.

Action-Not Available
Vendor-ZIV
Product-IDF and ZLF
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-3602
Matching Score-4
Assigner-Liferay, Inc.
ShareView Details
Matching Score-4
Assigner-Liferay, Inc.
CVSS Score-8.7||HIGH
EPSS-0.42% / 33.40%
||
7 Day CHG~0.00%
Published-16 Jun, 2025 | 13:50
Updated-16 Dec, 2025 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Liferay Portal 7.4.0 through 7.4.3.97, and Liferay DXP 2023.Q3.1 through 2023.Q3.2, 7.4 GA through update 92, 7.3 GA through update 35, and 7.2 fix pack 8 through fix pack 20 does not limit the depth of a GraphQL queries, which allows remote attackers to perform denial-of-service (DoS) attacks on the application by executing complex queries.

Action-Not Available
Vendor-Liferay Inc.
Product-liferay_portaldigital_experience_platformPortalDXP
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-3526
Matching Score-4
Assigner-Liferay, Inc.
ShareView Details
Matching Score-4
Assigner-Liferay, Inc.
CVSS Score-8.7||HIGH
EPSS-0.48% / 37.34%
||
7 Day CHG~0.00%
Published-16 Jun, 2025 | 14:18
Updated-16 Dec, 2025 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SessionClicks in Liferay Portal 7.0.0 through 7.4.3.21, and Liferay DXP 7.4 GA through update 9, 7.3 GA through update 25, and older unsupported versions does not restrict the saving of request parameters in the HTTP session, which allows remote attackers to consume system memory leading to denial-of-service (DoS) conditions via crafted HTTP requests.

Action-Not Available
Vendor-Liferay Inc.
Product-liferay_portaldigital_experience_platformPortalDXP
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-29907
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.7||HIGH
EPSS-0.65% / 46.06%
||
7 Day CHG+0.03%
Published-18 Mar, 2025 | 18:40
Updated-22 Sep, 2025 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
jsPDF Bypass Regular Expression Denial of Service (ReDoS)

jsPDF is a library to generate PDFs in JavaScript. Prior to 3.0.1, user control of the first argument of the addImage method results in CPU utilization and denial of service. If given the possibility to pass unsanitised image urls to the addImage method, a user can provide a harmful data-url that results in high CPU utilization and denial of service. Other affected methods are html and addSvgAsImage. The vulnerability was fixed in jsPDF 3.0.1.

Action-Not Available
Vendor-parallparallax
Product-jspdfjsPDF
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2025-30160
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.7||HIGH
EPSS-0.53% / 40.76%
||
7 Day CHG+0.04%
Published-20 Mar, 2025 | 18:09
Updated-03 Feb, 2026 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Redlib allows a Denial of Service via DEFLATE Decompression Bomb in restore_preferences Form

Redlib is an alternative private front-end to Reddit. A vulnerability has been identified in Redlib where an attacker can cause a denial-of-service (DOS) condition by submitting a specially crafted base2048-encoded DEFLATE decompression bomb to the restore_preferences form. This leads to excessive memory consumption and potential system instability, which can be exploited to disrupt Redlib instances. This vulnerability is fixed in 0.36.0.

Action-Not Available
Vendor-redlibredlib-org
Product-redlibredlib
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-9409
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-8.7||HIGH
EPSS-0.78% / 50.97%
||
7 Day CHG~0.00%
Published-13 Nov, 2024 | 04:29
Updated-19 Nov, 2024 | 15:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CWE-400: An Uncontrolled Resource Consumption vulnerability exists that could cause the device to become unresponsive resulting in communication loss when a large amount of IGMP packets is present in the network.

Action-Not Available
Vendor-
Product-powerlogic_pm5340powerlogic_pm5320_firmwarepowerlogic_pm5341powerlogic_pm5341_firmwarepowerlogic_pm5320powerlogic_pm5340_firmwarePowerLogic PM5320PowerLogic PM5340PowerLogic PM5341powerlogic_pm5340powerlogic_pm5341powerlogic_pm5320
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-7254
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-8.7||HIGH
EPSS-2.79% / 84.55%
||
7 Day CHG~0.00%
Published-19 Sep, 2024 | 00:18
Updated-26 Sep, 2025 | 17:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack overflow in Protocol Buffers Java Lite

Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields, creates unbounded recursions that can be abused by an attacker.

Action-Not Available
Vendor-NetApp, Inc.Google LLC
Product-bluexpprotobuf-kotlin-liteprotobufprotobuf-javaontap_toolsprotobuf-kotlinprotobuf-javaliteactive_iq_unified_managerProtocol Buffersprotobuf-javagoogle-protobuf [JRuby Gem]protobuf-kotlinprotobuf-kotllin-liteprotobuf-javaliteprotobufprotobuf-kotlin-lite
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-674
Uncontrolled Recursion
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-58306
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.43% / 33.87%
||
7 Day CHG~0.00%
Published-11 Dec, 2025 | 21:41
Updated-07 Apr, 2026 | 14:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
minaliC 2.0.0 Denial of Service Vulnerability via Large GET Request

minaliC 2.0.0 contains a denial of service vulnerability that allows remote attackers to crash the web server by sending oversized GET requests. Attackers can send crafted HTTP requests with excessive data to overwhelm the server and cause service interruption.

Action-Not Available
Vendor-minalic
Product-minaliC
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-36872
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.45% / 35.88%
||
7 Day CHG~0.00%
Published-26 Nov, 2025 | 22:13
Updated-14 May, 2026 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BACnet Test Server 1.01 Malformed BVLC Length DoS

BACnet Test Server versions up to and including 1.01 contains a remote denial of service vulnerability in its BACnet/IP BVLC packet handling. The server fails to properly validate the BVLC Length field in incoming UDP BVLC frames on the default BACnet port (47808/udp). A remote unauthenticated attacker can send a malformed BVLC Length value to trigger an access violation and crash the application, resulting in a denial of service.

Action-Not Available
Vendor-BACnet Interoperability Test Services, Inc.
Product-BACnet Test Server
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-9282
Matching Score-4
Assigner-Rockwell Automation
ShareView Details
Matching Score-4
Assigner-Rockwell Automation
CVSS Score-8.7||HIGH
EPSS-0.51% / 39.58%
||
7 Day CHG~0.00%
Published-20 Jan, 2026 | 13:59
Updated-02 Feb, 2026 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities

A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive limited storm tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-armorstart_ltarmorstart_lt_firmwareArmorStart® LT
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-9466
Matching Score-4
Assigner-Rockwell Automation
ShareView Details
Matching Score-4
Assigner-Rockwell Automation
CVSS Score-8.7||HIGH
EPSS-0.57% / 42.62%
||
7 Day CHG~0.00%
Published-20 Jan, 2026 | 13:54
Updated-02 Feb, 2026 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities

A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP and CIP grammar tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-armorstart_ltarmorstart_lt_firmwareArmorStart® LT
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-25401
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.42% / 33.61%
||
7 Day CHG~0.00%
Published-18 Feb, 2026 | 21:55
Updated-19 Feb, 2026 | 20:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Bematech Printer MP-4200 TH Denial of Service

Bematech (formerly Logic Controls, now Elgin) MP-4200 TH printer contains a denial of service vulnerability in the admin configuration page. Remote attackers can send crafted POST requests with malformed 'admin' and 'person' parameters to crash the printer's web service, causing a denial of service condition.

Action-Not Available
Vendor-Bematech
Product-MP-4200
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-4986
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.44% / 34.82%
||
7 Day CHG~0.00%
Published-02 Apr, 2026 | 21:52
Updated-25 May, 2026 | 23:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Hirschmann EagleSDV Denial of Service via TLS

Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service availability.

Action-Not Available
Vendor-Belden
Product-Hirschmann EagleSDV
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-12741
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-3.31% / 86.98%
||
7 Day CHG~0.00%
Published-26 Dec, 2017 | 04:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually.

Action-Not Available
Vendor-Siemens AG
Product-sinamics_dcpsimatic_compact_field_unitsimotion_c_firmwaresimotion_csimatic_et_200mpsimatic_s7-400pn\/dp_v7ek-ertec_200pn_iosinamics_s120simatic_s7-400pn\/dp_v7_firmwaresimatic_compact_field_unit_firmwaresimatic_s7-1500_controller_firmwaresinamics_s150_v4.8simatic_s7-410_v8simatic_s7-1500_controllersimatic_s7-400h_v6sinamics_s110pnsimatic_et_200alsinumerik_840d_sl_firmwaresimocode_pro_v_profinetsinamics_g150_firmwaresinamics_s110pn_firmwaresimatic_et_200msimatic_et_200al_firmwaresimatic_winac_rtx_f_2010_firmwaresinamics_s120_firmwaresinamics_dcmek-ertec_200p_firmwaresimatic_et_200pro_firmwaresimatic_winac_rtx_f_2010simatic_pn\/pn_coupler_firmwaresimatic_s7-410_v8_firmwaresimatic_et_200ecopnsimatic_pn\/pn_couplersinamics_g110m\/g120pn_firmwaresimatic_et_200mp_firmwaresimatic_s7-400pn_v6_firmwareek-ertec_200psimatic_s7-1200sinamics_v90pn_firmwaresimatic_s7-300sinamics_s150_v4.7sinamics_v90pnsimatic_s7-400pn_v6simatic_s7-300_firmwaresimotion_p_firmwaresimatic_s7-1200_firmwaresimatic_et_200prosimotion_psimatic_s7-200_firmwaresinamics_g150dk_standard_ethernet_controllersimatic_s7-1500_firmwaresimatic_s7-400h_v6_firmwaresinamics_g110m\/g120pnsimatic_s7-1500sinamics_s150_v4.7_firmwaresirius_soft_starter_3rw44pnsinamics_dcp_firmwaredk_standard_ethernet_controller_firmwaresimatic_et_200s_firmwaresimatic_et_200sp_firmwareek-ertec_200pn_io_firmwaresimotion_d_firmwaresimotion_dsinamics_dcm_firmwaresimatic_et_200ssimatic_s7-200sinumerik_840d_slsimatic_et_200m_firmwaresimatic_et_200spsinamics_s150_v4.8_firmwaresinamics_g130_firmwaresinamics_g130simatic_et_200ecopn_firmwaresimocode_pro_v_profinet_firmwaresirius_soft_starter_3rw44pn_firmwareSIMOTION DSINAMICS GL150 V4.7 w. PROFINETSINAMICS S110 w. PNSINUMERIK 840D slSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)SIMOTION P V5SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12SINAMICS SL150 V4.7.5 w. PROFINETSIMATIC ET200ecoPN, 4AO U/I 4xM12SIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIMATIC ET 200SP IM 155-6 PN HFSINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIPLUS ET 200SP IM 155-6 PN HFSIMATIC ET 200SP IM 155-6 PN STSINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN HSSIMATIC ET200ecoPN: IO-Link MasterSINAMICS SL150 V4.7.4 w. PROFINETSIMOCODE pro V PROFINET (incl. SIPLUS variants)SIMATIC ET 200SP IM 155-6 PN BASIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12SIPLUS ET 200SP IM 155-6 PN HF T1 RAILSIPLUS ET 200SP IM 155-6 PN ST TX RAILSINAMICS SL150 V4.7.0 w. PROFINETSIMATIC ET 200SP IM 155-6 PN ST BASINAMICS G150 V4.7 w. PNSIMATIC ET 200MP IM 155-5 PN HFSIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12SIMATIC ET 200pro IM 154-4 PN HFSIRIUS Soft Starter 3RW44 PNSINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)SIMATIC S7-1500 Software ControllerSIMATIC ET 200MP IM 155-5 PN STSIMATIC TDC CPU555SIMATIC ET200S (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)SINAMICS G110M w. PNSIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12SIMOTION CSIMATIC TDC CP51M1SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12SIMATIC WinAC RTX 2010SIMATIC ET 200MP IM 155-5 PN BASIMOTION D4xx V4.4 for SINAMICS SM150i-2 w. PROFINET (incl. SIPLUS variants)SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)SIMATIC S7-1200 CPU family (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12SINAMICS V90 w. PNDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200PSIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)SIPLUS ET 200SP IM 155-6 PN ST BASIMATIC ET 200pro IM 154-3 PN HFSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)SINAMICS DCM w. PNSINAMICS G130 V4.8 w. PNDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerSIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12SINAMICS DCP w. PNSINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12SINAMICS GM150 V4.7 w. PROFINETSIPLUS ET 200SP IM 155-6 PN ST BA TX RAILSIMOTION P V4.4 and V4.5SINAMICS S150 V4.8 w. PNSIMATIC ET 200M (incl. SIPLUS variants)SIMATIC Compact Field UnitSIMATIC S7-400 H V6 and below CPU family (incl. SIPLUS variants)SIMATIC S7-200 SMARTSINAMICS G130 V4.7 w. PNSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)SIPLUS ET 200MP IM 155-5 PN STSIMATIC WinAC RTX F 2010SINAMICS S150 V4.7 w. PNSINAMICS SM120 V4.7 w. PROFINETSIMATIC ET 200AL IM 157-1 PNSIMATIC ET200ecoPN, 8DI, DC24V, 8xM12SIPLUS ET 200SP IM 155-6 PN STSIPLUS ET 200MP IM 155-5 PN ST TX RAILSIPLUS ET 200MP IM 155-5 PN HFSINAMICS GH150 V4.7 w. PROFINETSINAMICS G150 V4.8 w. PN
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-40944
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.7||HIGH
EPSS-0.40% / 31.36%
||
7 Day CHG~0.00%
Published-13 Jan, 2026 | 09:44
Updated-09 Jun, 2026 | 10:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0) (All versions), SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA00-0AC0) (All versions >= V4.2.0), SIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0) (All versions), SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants) (All versions < V1.3), SIMATIC ET 200SP IM 155-6 PN R1 (6ES7155-6AU00-0HM0) (All versions < V6.0.1), SIMATIC ET 200SP IM 155-6 PN/2 HF (6ES7155-6AU01-0CN0) (All versions >= V4.2.0 < V4.2.5), SIMATIC ET 200SP IM 155-6 PN/3 HF (6ES7155-6AU30-0CN0) (All versions < V4.2.2), SIMATIC PN/MF Coupler (6ES7158-3MU10-0XA0) (All versions), SIMATIC PN/PN Coupler (6ES7158-3AD10-0XA0) (All versions < V6.0.0), SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-2AC0) (All versions >= V4.2.0), SIPLUS ET 200MP IM 155-5 PN HF (6AG1155-5AA00-7AC0) (All versions >= V4.2.0), SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL (6AG2155-5AA00-1AC0) (All versions >= V4.2.0), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-2CN0) (All versions >= V4.2.0 < V4.2.5), SIPLUS ET 200SP IM 155-6 PN HF (6AG1155-6AU01-7CN0) (All versions >= V4.2.0 < V4.2.5), SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL (6AG2155-6AU01-1CN0) (All versions >= V4.2.0 < V4.2.5), SIPLUS ET 200SP IM 155-6 PN HF TX RAIL (6AG2155-6AU01-4CN0) (All versions >= V4.2.0 < V4.2.5), SIPLUS NET PN/PN Coupler (6AG2158-3AD10-4XA0) (All versions < V6.0.0). Affected devices do not properly handle S7 protocol session disconnect requests. When receiving a valid S7 protocol Disconnect Request (COTP DR TPDU) on TCP port 102, the devices enter an improper session state. This could allow an attacker to cause the device to become unresponsive, leading to a denial-of-service condition that requires a power cycle to restore normal operation.

Action-Not Available
Vendor-Siemens AG
Product-SIPLUS ET 200SP IM 155-6 PN HFSIMATIC ET 200SP IM 155-6 MF HFSIMATIC ET 200MP IM 155-5 PN HFSIMATIC PN/PN CouplerSIMATIC ET 200AL IM 157-1 PNSIPLUS ET 200SP IM 155-6 PN HF T1 RAILSIMATIC ET 200SP IM 155-6 PN/2 HFSIPLUS NET PN/PN CouplerSIMATIC ET 200SP IM 155-6 PN/3 HFSIMATIC ET 200SP IM 155-6 PN R1SIMATIC PN/MF CouplerSIPLUS ET 200MP IM 155-5 PN HFSIPLUS ET 200SP IM 155-6 PN HF TX RAILSIPLUS ET 200MP IM 155-5 PN HF T1 RAILSIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants)
CWE ID-CWE-400
Uncontrolled Resource Consumption
  • Previous
  • 1
  • 2
  • Next
Details not found