Telecontrol Server Basic is a software solution developed by Siemens. It is designed to handle remote terminal units (RTUs) in the telecontrol applications for water, gas, and power utilities. The software provides communication between control center and the RTUs while ensuring data management and processing.

Telecontrol Server Basic

The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-40765	CRITICAL	9.3	Telecontrol Server Basic	cpe:2.3:a:siemens:telecontrol_server_basic	No	No	Oct 14, 2025
CVE-2025-32872	HIGH	8.7	Telecontrol Server Basic	cpe:2.3:a:siemens:telecontrol_server_basic	No	Yes	Apr 16, 2025
CVE-2025-32871	HIGH	8.7	Telecontrol Server Basic	cpe:2.3:a:siemens:telecontrol_server_basic	No	Yes	Apr 16, 2025
CVE-2025-30033	HIGH	8.5	Telecontrol Server Basic	cpe:2.3:a:siemens:telecontrol_server_basic	No	Yes	Aug 12, 2025
CVE-2025-29931	MEDIUM	6.3	Telecontrol Server Basic	cpe:2.3:a:siemens:telecontrol_server_basic	No	Yes	Apr 17, 2025

CVE-2025-30033:
Telecontrol Server Basic vulnerability analysis and mitigation

8.5

Related Telecontrol Server Basic vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2025-30033: Telecontrol Server Basic vulnerability analysis and mitigation