Siemens SCALANCE and RUGGEDCOM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CVE-2025-4138)

Version 1.3

Feb 18, 2026, 9:24 AM

CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C")
Exploit attributes ("Exploit available" set to "True")
Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available")