
CVE-2025-40571: CWE-266: Incorrect Privilege Assignment in Siemens Mendix OIDC SSO (Mendix 10 compatible)

Low
Tags: Vulnerability, CVE-2025-40571, CWE-266
Published: Tue May 13 2025 (05/13/2025, 09:38:54 UTC)
Source: CVE
Vendor/Project: Siemens
Product: Mendix OIDC SSO (Mendix 10 compatible)

Description

A vulnerability has been identified in Mendix OIDC SSO (Mendix 10 compatible) (All versions < V4.1.0), Mendix OIDC SSO (Mendix 10.12 compatible) (All versions < V4.0.1), Mendix OIDC SSO (Mendix 9 compatible) (All versions). The Mendix OIDC SSO module grants read and write access to all tokens exclusively to the Administrator role and could result in privilege misuse by an adversary modifying the module during Mendix development.

AI-Powered Analysis

Last updated: 07/06/2025, 04:41:41 UTC

Technical Analysis

CVE-2025-40571 is an incorrect privilege assignment weakness (CWE-266) in the Siemens Mendix OIDC SSO module, the Marketplace module that provides OpenID Connect single sign-on for Mendix applications. In the affected releases the module grants read and write access to all stored tokens exclusively to the Administrator role. Anyone who holds that role, or who can alter the module while the application is under development, therefore has access to every user's tokens; the advisory frames the risk as privilege misuse by an adversary modifying the module during Mendix development.

Affected products are Mendix OIDC SSO (Mendix 10 compatible) in all versions before V4.1.0, Mendix OIDC SSO (Mendix 10.12 compatible) in all versions before V4.0.1, and Mendix OIDC SSO (Mendix 9 compatible) in all versions. The first two ranges identify V4.1.0 and V4.0.1 as the fixed releases; no fixed release is listed for the Mendix 9 compatible module, so every version of it remains affected. No patch link is recorded in this entry, but the version ranges above are what an installation should be verified against.

The CVSS v3.1 base score is 2.2 (Low), with vector CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N: reachable over the network, but with high attack complexity, high privileges required, no user interaction, unchanged scope, low confidentiality impact and no integrity or availability impact. The PR:H and C:L ratings are what keep the score low: exploitation presupposes an existing Administrator-level actor or an insider with access to the project during development, and the scored outcome is exposure of token data rather than a direct loss of integrity or availability. No exploitation in the wild has been reported.

Potential Impact

For European organizations running Siemens Mendix applications that authenticate through the Mendix OIDC SSO module, the exposure sits mainly in the development and administration lifecycle rather than at the public login surface. A malicious insider, or an attacker who has already obtained Administrator-level access to the application or to the development project, can read or modify the tokens the module stores for all users. The CVSS vector rates this as a low confidentiality impact with no direct integrity or availability impact, so the scored consequence is exposure of token data; whether that translates into unauthorized access to downstream systems depends on what those tokens grant and on controls outside the module. The practical concern is therefore trust in the authentication path: organizations using Mendix for business-critical applications or personal data could face compliance and operational consequences if a privileged insider misuses this access, and the issue becomes more serious where administrative controls are weak or where it can be combined with other vulnerabilities.

Mitigation Recommendations

To mitigate this vulnerability, European organizations should:

1) Upgrade the module: Mendix OIDC SSO (Mendix 10 compatible) to V4.1.0 or later, and Mendix OIDC SSO (Mendix 10.12 compatible) to V4.0.1 or later. No fixed release is listed for the Mendix 9 compatible module, so applications on that line depend on the compensating controls below and on monitoring Siemens advisories for an update.
2) Inventory which applications include the module and at which version, compare each against the thresholds above, and treat every Mendix 9 compatible installation as affected.
3) Review and restrict who holds the Administrator role in affected applications and who can edit the project in the development environment, so that token access is limited to trusted personnel.
4) Enforce role-based access control and separation of duties between developers and administrators, and monitor administrative activity for unexpected changes to the OIDC SSO module.
5) Require multi-factor authentication for administrative and developer accounts to reduce the impact of credential compromise.
6) Include the authentication and token-handling modules in code reviews and security audits of Mendix applications.
7) Log and alert on changes to authentication modules and token-handling logic, and train development and operations teams on the risks of privilege misuse.


Technical Details

Data Version: 5.1
Assigner Short Name: siemens
Date Reserved: 2025-04-16T08:20:17.031Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682d9815c4522896dcbd5edf

Added to database: 5/21/2025, 9:08:37 AM

Last enriched: 7/6/2025, 4:41:41 AM

Last updated: 7/31/2025, 7:58:38 AM

