Siemens

Multiple high-severity vulnerabilities, including CVE-2025-15467, affect various Siemens SCALANCE LPE, M, W, and X series industrial network devices, potentially allowing a remote attacker to achieve arbitrary code execution, provoke a denial of service, or compromise data confidentiality, with some products confirmed to receive no future patches.

CISA published ICS advisories addressing vulnerabilities in products from ABB, Hitachi Energy, Kieback & Peter, ScadaBR, Siemens, and ZKTeco, recommending mitigations and updates.

Siemens SIPROTEC 5 devices are vulnerable to session hijacking (CVE-2024-54017) due to the use of insufficiently random numbers in session identifier generation, potentially allowing an unauthenticated remote attacker to brute-force a valid session and gain unauthorized read access.

Siemens SIMATIC HMI Unified Comfort Panels before V21.0 are vulnerable to unauthenticated access via the help link and Control Panel (CVE-2026-27662), potentially leading to unauthorized configuration changes and discovery of backdoors.

Siemens Ruggedcom Rox is vulnerable to improper access control, allowing an authenticated remote attacker to read arbitrary files with root privileges from the underlying operating system's filesystem via the web server's JSON-RPC interface, as tracked by CVE-2025-40948.

Siemens Opcenter RDnL is vulnerable to missing authentication in critical function (CVE-2026-27446), where an unauthenticated attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker, potentially leading to availability impacts and message injection.

A request smuggling vulnerability exists in Siemens SENTRON 7KT PAC1261 Data Manager before V2.1.0, due to the web server improperly accepting a bare LF as a line terminator in chunked data chunk-size lines, potentially allowing an attacker to retrieve authorization tokens and gain administrative control over the device.

A heap-based buffer overflow vulnerability in Siemens Simcenter Femap, tracked as CVE-2025-12659, can be exploited by tricking a user into opening a malicious IPT file, leading to remote code execution.

Siemens released a security advisory on May 12, 2026, addressing vulnerabilities in a range of products including RUGGEDCOM, SCALANCE, Solid Edge, and SIMATIC, prompting users to apply necessary updates.

A remote, authenticated attacker can exploit multiple vulnerabilities in Siemens SIMATIC S7 PLCs Web Server to perform cross-site scripting attacks, potentially leading to information disclosure or further unauthorized actions.

A remote, anonymous attacker can exploit a vulnerability in Siemens SIPROTEC 5 devices to disclose sensitive information.

A stack-based overflow vulnerability in Solid Edge SE2026 (versions prior to V226.0 Update 5) allows for arbitrary code execution via specially crafted PAR files.

Solid Edge SE2026 is vulnerable to uninitialized pointer access while parsing specially crafted PAR files, potentially leading to arbitrary code execution in the context of the current process (CVE-2026-44411).

Siemens Teamcenter versions V2312 (before V2312.0014), V2406 (before V2406.0012), V2412 (before V2412.0009), V2506 (before V2506.0005), and V2512 are vulnerable to cross-site scripting (XSS) due to improper encoding or filtering of user-supplied data, potentially leading to arbitrary code execution by other users.

CVE-2025-40947 describes a vulnerability in Siemens RUGGEDCOM ROX devices that allows authenticated remote attackers to inject arbitrary commands via a maliciously crafted feature key, resulting in remote code execution with root privileges.

Siemens SIMATIC CN 4100 versions before V5.0 are vulnerable to resource exhaustion due to improper restriction of unauthenticated connections, potentially leading to disruption of operations and unauthorized actions.

An authenticated remote command injection vulnerability exists in the web UI scheduler functionality of multiple RUGGEDCOM ROX devices before V2.17.1, allowing arbitrary command execution with root privileges.