How severe is CVE-2025-40555?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2025-40555?

This is classified as CWE-440, which is a common weakness in software security.

CVE-2025-40555

MEDIUM Year: 2025

CVSS v3 Score

4.7

Medium

Weakness Type

CWE-440

View all →

Vulnerability Description

A vulnerability has been identified in APOGEE PXC+TALON TC Series (BACnet) (All versions). Affected devices start sending unsolicited BACnet broadcast messages after processing a specific BACnet createObject request. This could allow an attacker residing in the same BACnet network to send a specially crafted message that results in a partial denial of service condition of the targeted device, and potentially reduce the availability of BACnet network. A power cycle is required to restore the device's normal operation.

CVE-2025-27401

MEDIUM

CVSS:4.6(Medium)

Tuleap is an Open Source Suite to improve management of software developments and collaboration. In a standard usages of Tuleap, the issue has a limited impact, it will mostly leave dangling data. How...

CWE-4402025

CVE-2024-8690

MEDIUM

CVSS:4.4(Medium)

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leverage...

CWE-4402024

CVE-2024-56202

MEDIUM

CVSS:4.3(Medium)

Expected Behavior Violation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to ...

CWE-4402024

CVE-2023-32732

MEDIUM

CVSS:5.3(Medium)

gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disco...

CWE-4402023

CVE-2025-27094

MEDIUM

CVSS:5.4(Medium)

Tuleap is an open-source suite designed to improve software development management and collaboration. A malicious user with access to a tracker could force-reset certain field configurations, leading ...

CWE-4402025

CVE-2020-10766

MEDIUM

CVSS:5.5(Medium)

A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context...

CWE-4402020

CVE-2025-40555

Vulnerability Description

Related Vulnerabilities

CVE-2025-27401

CVE-2024-8690

CVE-2024-56202

CVE-2023-32732

CVE-2025-27094

CVE-2020-10766