IM
IronMonkey Threat Research
‹ Back to ICS Advisories

Siemens User Management Component (UMC)

CRITICAL
CVSS 9.8
Date 2026-07-07T06:00:00+00:00
Source cisa-csaf
Published by CISA

// Description

Siemens' User Management Component (UMC) is affected by multiple vulnerabilities that could allow an unauthenticated remote attacker to execute arbitrary code or to cause a denial of service condition. Siemens has released a new version for User Management Component (UMC) and recommends to update to the latest version. Siemens recommends specific countermeasures for products where fixes are not, or not yet available.

// Vulnerabilities (4)

CVE ID CVSS Score Severity Description
CVE-2025-40797 7.5 high
CVE-2025-40797. Affected products contain a out-of-bounds read vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.
CVE-2025-40795 9.8 critical
CVE-2025-40795. Affected products contain a stack-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code or to cause a denial of service condition.
CVE-2025-40798 7.5 high
CVE-2025-40798. Affected products contain a out-of-bounds read vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.
CVE-2025-40796 7.5 high
CVE-2025-40796. Affected products contain a out-of-bounds read vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.

// Remediations (6)

Patch: Update to V2.15.1.3 or later version
Update to V2.15.1.3 or later version
Patch: Update to V6.0 SP1 Update 1 or later version
Update to V6.0 SP1 Update 1 or later version
Patch: Update to V2.15.1.3 or later version
Update to V2.15.1.3 or later version
Mitigation: In non-networked scenarios/deployments block TCP ports 4002 and 4004 on machines with UMC installed.
In non-networked scenarios/deployments block TCP ports 4002 and 4004 on machines with UMC installed. If the deployment is not using the 'RT Server' type of UMC machine, port 4004 can be blocked everywhere without impacting network functionality for all other UMC machine-types (Server, Ring-Server, Agent).
Mitigation: In non-networked scenarios/deployments block TCP ports 4002 and 4004 on machines with UMC installed.
In non-networked scenarios/deployments block TCP ports 4002 and 4004 on machines with UMC installed. If the deployment is not using the 'RT Server' type of UMC machine, port 4004 can be blocked everywhere without impacting network functionality for all other UMC machine-types (Server, Ring-Server, Agent).
Patch: Update to V6.0 SP1 Update 1 or later version
Update to V6.0 SP1 Update 1 or later version

// References