Detections
Analytics

Siemens S7-1500 Unchecked Return Value (CVE-2025-11839)

low Tenable OT Security Plugin ID 505084

Synopsis

The remote OT asset is affected by a vulnerability.

Description

A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be exploited.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

https://cert-portal.siemens.com/productcert/html/ssa-082556.html

Plugin Details

Severity: Low

ID: 505084

File Name: tenable_ot_siemens_CVE-2025-11839.nasl

Version: 1.1

Type: remote

Family: Tenable.ot

Published: 2/10/2026

Updated: 2/10/2026

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v3

Risk Factor: Low

Base Score: 3.3

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Vulnerability Information

CPE: cpe:/o:siemens:simatic_s7-1500_cpu_firmware:3.1.5, cpe:/o:siemens:siplus_s7-1500_cpu_firmware:3.1.5

Required KB Items: Tenable.ot/Siemens

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/10/2025

Vulnerability Publication Date: 6/10/2025

Reference Information

CVE: CVE-2025-11839

CWE: 252