How severe is CVE-2025-40576?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.3 out of 10.

What type of vulnerability is CVE-2025-40576?

This is classified as CWE-476, which is a common weakness in software security.

CVE-2025-40576

MEDIUM Year: 2025

CVSS v3 Score

4.3

Medium

Weakness Type

CWE-476

View all →

Vulnerability Description

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.

CVE-2017-5023

MEDIUM

CVSS:4.3(Medium)

Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference vi...

CWE-4762017

CVE-2018-1050

MEDIUM

CVSS:4.3(Medium)

All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on s...

CWE-4762018

CVE-2018-14853

MEDIUM

CVSS:4.3(Medium)

A NULL pointer dereference in dhd_prot_txdata_write_flush in drivers/net/wireless/bcmdhd4358/dhd_msgbuf.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attac...

CWE-4762018

CVE-2018-18585

MEDIUM

CVSS:4.3(Medium)

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

CWE-4762018