{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-27664/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["cve-2026-27664","denial-of-service","xml"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eA vulnerability, tracked as CVE-2026-27664, exists within CPCI85 Central Processing/Communication (all versions prior to V26.10) and SICORE Base system (all versions prior to V26.10.0). This flaw stems from an out-of-bounds write during the parsing of maliciously crafted XML inputs. An unauthenticated attacker could exploit this vulnerability by sending a specifically designed XML request to the targeted system. Successful exploitation results in a service crash, effectively creating a denial-of-service (DoS) condition. This vulnerability poses a significant risk to the availability of systems relying on the affected CPCI85 and SICORE Base system components. Defenders should prioritize patching and implement mitigations to prevent potential disruptions.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies a vulnerable CPCI85 or SICORE Base system instance exposed to network traffic.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious XML payload designed to trigger the out-of-bounds write vulnerability.\u003c/li\u003e\n\u003cli\u003eThe attacker sends the malicious XML payload to the targeted system via a network request.\u003c/li\u003e\n\u003cli\u003eThe CPCI85 or SICORE Base system receives the XML payload and attempts to parse it.\u003c/li\u003e\n\u003cli\u003eDuring XML parsing, the vulnerability is triggered due to the specially crafted XML structure, leading to an out-of-bounds write operation.\u003c/li\u003e\n\u003cli\u003eThe out-of-bounds write corrupts memory within the application process.\u003c/li\u003e\n\u003cli\u003eThe memory corruption causes the service to crash.\u003c/li\u003e\n\u003cli\u003eThe crash results in a denial-of-service condition, rendering the affected system unavailable.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-27664 leads to a denial-of-service condition on the affected CPCI85 Central Processing/Communication and SICORE Base systems. The number of potential victims depends on the deployment scope of these systems; however, any system using versions prior to V26.10 and V26.10.0, respectively, is vulnerable. This DoS can disrupt critical operations relying on these systems, potentially impacting industrial control processes or other essential services.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply the security patch provided by Siemens to update CPCI85 Central Processing/Communication to version V26.10 or later, and SICORE Base system to version V26.10.0 or later to remediate CVE-2026-27664 (\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-246443.html)\"\u003ehttps://cert-portal.siemens.com/productcert/html/ssa-246443.html)\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eImplement network segmentation and access control policies to limit exposure of CPCI85 and SICORE Base systems to untrusted networks.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for abnormal XML request patterns targeting the affected systems using a custom rule inspecting \u003ccode\u003ecs-uri-query\u003c/code\u003e for anomalous XML structures.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-03-26T15:16:34Z","date_published":"2026-03-26T15:16:34Z","id":"/briefs/2026-03-cpc85-xml-dos/","summary":"An unauthenticated attacker can exploit an out-of-bounds write vulnerability in CPCI85 Central Processing/Communication and SICORE Base System by sending a malicious XML request, potentially causing a service crash leading to a denial-of-service condition.","title":"CPCI85 and SICORE Base System XML Out-of-Bounds Write Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-03-cpc85-xml-dos/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-27664","version":"https://jsonfeed.org/version/1.1"}