Detections
Analytics
Siemens S7-1500 Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2025-5245)
medium Tenable OT Security Plugin ID 505076
Synopsis
The remote OT asset is affected by a vulnerability.Description
A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debug_type_samep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack.The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.See Also
https://cert-portal.siemens.com/productcert/html/ssa-082556.html
Plugin Details
Severity: Medium
ID: 505076
File Name: tenable_ot_siemens_CVE-2025-5245.nasl
Version: 1.1
Type: remote
Family: Tenable.ot
Published: 2/10/2026
Updated: 2/10/2026
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v3
Risk Factor: Medium
Base Score: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Information
CPE: cpe:/o:siemens:simatic_s7-1500_cpu_firmware:3.1.5, cpe:/o:siemens:siplus_s7-1500_cpu_firmware:3.1.5
Required KB Items: Tenable.ot/Siemens
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 6/10/2025
Vulnerability Publication Date: 5/27/2025
Reference Information
CVE: CVE-2025-5245
CWE: 119