CVE-2025-40894

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-40894
A Stored HTML Injection vulnerability was discovered in the Alerted Nodes Dashboard functionality due to improper validation on an input parameter. A malicious authenticated user with the required privileges could edit a node label to inject HTML tags. If the system is configured to use the Alerted Nodes Dashboard, and alerts are reported for the affected node, then the injected HTML may render in the browser of a victim user interacting with it, enabling phishing and possibly open redirect attacks. Full XSS exploitation and direct information disclosure are prevented by the existing input validation and Content Security Policy configuration.

4.4 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.3 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://security.nozominetworks.com/NN-2025:16-01 Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-827968.html
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:nozominetworks:cmc:*:*:*:*:*:*:*:*
cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:*
History

14 Apr 2026, 10:16

Type Values Removed Values Added
References
  • () https://cert-portal.siemens.com/productcert/html/ssa-827968.html -
Summary
  • (es) Se descubrió una vulnerabilidad de inyección HTML almacenada en la funcionalidad del Panel de Nodos Alertados debido a una validación inadecuada en un parámetro de entrada. Un usuario autenticado malicioso con los privilegios requeridos podría editar una etiqueta de nodo para inyectar etiquetas HTML. Si el sistema está configurado para usar el Panel de Nodos Alertados, y se reportan alertas para el nodo afectado, entonces el HTML inyectado podría renderizarse en el navegador de un usuario víctima que interactúe con él, permitiendo phishing y posiblemente ataques de redirección abierta. La explotación completa de XSS y la revelación directa de información se evitan mediante la validación de entrada existente y la configuración de la Política de Seguridad de Contenido.

05 Mar 2026, 18:52

Type Values Removed Values Added
References () https://security.nozominetworks.com/NN-2025:16-01 - () https://security.nozominetworks.com/NN-2025:16-01 - Vendor Advisory
CPE cpe:2.3:a:nozominetworks:cmc:*:*:*:*:*:*:*:*
cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:*
First Time Nozominetworks
Nozominetworks guardian
Nozominetworks cmc

04 Mar 2026, 14:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-03-04 14:16

Updated : 2026-04-14 10:16

NVD link : CVE-2025-40894

Mitre link : CVE-2025-40894

CVE.ORG link : CVE-2025-40894

JSON object : View

Products Affected

nozominetworks

  • cmc
  • guardian
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')