CVE-2025-14831 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
siemens-SADP	ADP	5.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Base Score

CVSS 3.x

EPSS Score

Percentile: 18%

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
Siemens	SIMATIC CN 4100	𝑥 < V5.0	ADP
siemens	simatic_cn_4100	𝑥 < 5.0	ADP

Debian Releases

Debian Product

Codename

gnutls28

bookworm	3.7.9-2+deb12u6 fixed
bookworm (security)	3.7.9-2+deb12u7 fixed
bullseye	vulnerable
bullseye (security)	3.7.1-5+deb11u9 fixed
forky	3.8.13-1 fixed
sid	3.8.13-1 fixed
trixie	3.8.9-3+deb13u3 fixed
trixie (security)	3.8.9-3+deb13u4 fixed

openSUSE / SLES Releases

openSUSE Product

Release

gnutls

suse enterprise desktop 15 SP7	3.8.3-150600.4.17.1 fixed
suse enterprise sap 15 SP7	3.8.3-150600.4.17.1 fixed
suse enterprise server 15 SP4	3.7.3-150400.4.56.1 fixed
suse enterprise server 15 SP7	3.8.3-150600.4.17.1 fixed

libgnutls-devel

suse enterprise desktop 15 SP7	3.8.3-150600.4.17.1 fixed
suse enterprise sap 15 SP7	3.8.3-150600.4.17.1 fixed
suse enterprise server 15 SP4	3.7.3-150400.4.56.1 fixed
suse enterprise server 15 SP7	3.8.3-150600.4.17.1 fixed

libgnutls30

suse enterprise desktop 15 SP7	3.8.3-150600.4.17.1 fixed
suse enterprise sap 15 SP7	3.8.3-150600.4.17.1 fixed
suse enterprise server 15 SP4	3.7.3-150400.4.56.1 fixed
suse enterprise server 15 SP7	3.8.3-150600.4.17.1 fixed

libgnutls30-32bit

suse enterprise desktop 15 SP7	3.8.3-150600.4.17.1 fixed
suse enterprise sap 15 SP7	3.8.3-150600.4.17.1 fixed
suse enterprise server 15 SP4	3.7.3-150400.4.56.1 fixed
suse enterprise server 15 SP7	3.8.3-150600.4.17.1 fixed

libgnutls30-hmac

suse enterprise server 15 SP4

3.7.3-150400.4.56.1

fixed

libgnutls30-hmac-32bit

suse enterprise server 15 SP4

3.7.3-150400.4.56.1

fixed

libgnutlsxx-devel

suse enterprise desktop 15 SP7	3.8.3-150600.4.17.1 fixed
suse enterprise sap 15 SP7	3.8.3-150600.4.17.1 fixed
suse enterprise server 15 SP4	3.7.3-150400.4.56.1 fixed
suse enterprise server 15 SP7	3.8.3-150600.4.17.1 fixed

libgnutlsxx28

suse enterprise server 15 SP4

3.7.3-150400.4.56.1

fixed

libgnutlsxx30

suse enterprise desktop 15 SP7	3.8.3-150600.4.17.1 fixed
suse enterprise sap 15 SP7	3.8.3-150600.4.17.1 fixed
suse enterprise server 15 SP7	3.8.3-150600.4.17.1 fixed

Red Hat Enterprise Linux Releases

Red Hat Product

Release

gnutls

RHEL 8	0:3.6.16-8.el8_10.5 fixed
RHEL 9	0:3.8.3-10.el9_7 fixed

gnutls-c

RHEL 8	0:3.6.16-8.el8_10.5 fixed
RHEL 9	0:3.8.3-10.el9_7 fixed

gnutls-dane

RHEL 8	0:3.6.16-8.el8_10.5 fixed
RHEL 9	0:3.8.3-10.el9_7 fixed

gnutls-devel

RHEL 8	0:3.6.16-8.el8_10.5 fixed
RHEL 9	0:3.8.3-10.el9_7 fixed

gnutls-utils

RHEL 8	0:3.6.16-8.el8_10.5 fixed
RHEL 9	0:3.8.3-10.el9_7 fixed

Common Weakness Enumeration

CWE-407 - Inefficient Algorithmic Complexity
An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.

References

https://access.redhat.com/errata/RHSA-2026:13812

https://access.redhat.com/errata/RHSA-2026:16008

https://access.redhat.com/errata/RHSA-2026:16009

https://access.redhat.com/errata/RHSA-2026:16174

https://access.redhat.com/errata/RHSA-2026:3477

https://access.redhat.com/errata/RHSA-2026:4188

https://access.redhat.com/errata/RHSA-2026:4655

https://access.redhat.com/errata/RHSA-2026:4943

https://access.redhat.com/errata/RHSA-2026:5585

https://access.redhat.com/errata/RHSA-2026:5606

https://access.redhat.com/errata/RHSA-2026:6618

https://access.redhat.com/errata/RHSA-2026:6630

https://access.redhat.com/errata/RHSA-2026:6737

https://access.redhat.com/errata/RHSA-2026:6738

https://access.redhat.com/errata/RHSA-2026:7329

https://access.redhat.com/errata/RHSA-2026:7335

https://access.redhat.com/errata/RHSA-2026:7477

https://access.redhat.com/errata/RHSA-2026:8746

https://access.redhat.com/errata/RHSA-2026:8747

https://access.redhat.com/errata/RHSA-2026:8748

https://access.redhat.com/security/cve/CVE-2025-14831

https://bugzilla.redhat.com/show_bug.cgi?id=2423177

https://gitlab.com/gnutls/gnutls/-/issues/1773

https://cert-portal.siemens.com/productcert/html/ssa-032379.html