Siemens Gridscale X Prepay Authentication Token Capture-Replay Vulnerability

Vulnerability

A vulnerability in Siemens Gridscale X Prepay, all versions prior to 4.2.1, allows authentication tokens to be captured and replayed. An authenticated user who has been locked out can use this to re-establish a valid user session.

Impact

Exploitation of this vulnerability could allow a locked-out user to regain access to their account by re-establishing a valid session, bypassing the lockout restriction.
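
The class of flaw described above, shown as an added illustration that is not Siemens code and not taken from the advisory: a session validator that trusts any correctly signed, unexpired token, next to one that also checks server-side lockout state. The token layout, the HMAC scheme and all names are assumptions made for the example; the advisory does not describe how the product's tokens work.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"   # constructed value, for the example only
LOCKED = set()                     # accounts currently locked out
REVOKED_BEFORE = {}                # user -> cut-off time; older tokens are void


def issue_token(user, now, ttl=3600):
    """Return 'user|issued|expires|mac' signed with HMAC-SHA256."""
    body = f"{user}|{int(now)}|{int(now) + ttl}"
    mac = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}|{mac}"


def _parse(token, now):
    """Check signature and expiry only; return (user, issued) or None."""
    try:
        user, issued, expires, mac = token.split("|")
        body = f"{user}|{issued}|{expires}"
        good = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(mac.encode(), good.encode()):
            return None
        return (user, int(issued)) if now < int(expires) else None
    except ValueError:
        return None


def validate_weak(token, now):
    """Accepts any unexpired, signed token, so a captured one replays after lockout."""
    parsed = _parse(token, now)
    return parsed[0] if parsed else None


def lock_account(user, now):
    """Lock the account and void every token issued up to this moment."""
    LOCKED.add(user)
    REVOKED_BEFORE[user] = int(now)


def validate_hardened(token, now):
    """Also consults server-side lock state and the revocation cut-off."""
    parsed = _parse(token, now)
    if parsed is None:
        return None
    user, issued = parsed
    if user in LOCKED or issued <= REVOKED_BEFORE.get(user, -1):
        return None
    return user
```

The revocation cut-off is kept after an unlock, so a token captured before the lockout stays invalid and the user has to authenticate again to get a fresh one.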

Remediation

Siemens has released a new version of Gridscale X Prepay. Users are advised to update to the latest version. For further information, please contact your local Siemens representative.

Added: Dec 9, 2025, 8:14 PM
Updated: Dec 9, 2025, 8:14 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 1.3
exploitability: 5.2
remediation: 0.0
relevance: 1.4
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.