Vulnerability Description
A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound read buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Sinec Nms | < 4.0 |
| Siemens | Sinema Remote Connect | - |
| Siemens | Totally Integrated Automation Portal | 17 |
| Siemens | User Management Component | < 2.15.1.1 |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2025-30174?
CVE-2025-30174 is a vulnerability with a CVSS score of 7.5 (HIGH). A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrat...
How severe is CVE-2025-30174?
CVE-2025-30174 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-30174?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens Sinec Nms, Siemens Sinema Remote Connect, Siemens Totally Integrated Automation Portal, Siemens User Management Component.