Siemens SIPROTEC 5 Use of Get Request Method with Sensitive Query Strings (CVE-2025-40742)

Version 1.3 Mar 12, 2026, 10:32 AM CVSS metrics ("CVSSv2 score" set to 5.4) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:N/AC:H/Au:N/C:C/I:N/A:N") CVSS metrics ("Cvssv4 score" set to 6.0) CVSS metrics ("Cvssv4 threat vector" set to "CVSS:4.0/E:U") CVSS metrics ("Cvssv4 vector" set to "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N") CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C") CVSSv2 severity (based on CVE-2025-40742, severity decreased from "High" to "Medium") CVSSv4 severity (based on None, severity decreased from "High" to "Medium") Exploit attributes ("Exploit available" set to "False") Plugin Feed: 202603121032
Version 1.2 Feb 14, 2026, 11:28 PM Plugin metadata Plugin Feed: 202602142328
Version 1.1 Nov 18, 2025, 9:44 PM New Plugin Feed: 202511182144

* Changelogs are generally available for changes made after Nov 1, 2022