CVE-2026-25569 — Vulnetix

Try Vulnetix Request Demo

CVE-2026-25569 PUBLISHED CVSS 7.400000095367432 HIGH

The SICAM SIAPP SDK contains multiple vulnerabilities that could allow an attacker to disrupt the customer-developed SIAPP or its simulation environment. Potential impacts include denial of service within the SIAPP, corruption of SIAPP data, or exploit the simulation environment. These vulnerabilities are only exploitable if the API is used improperly or hardening measures are not applied. Siemens has released a new version for SICAM SIAPP SDK and recommends to update to the latest version. The following versions of Siemens SICAM SIAPP SDK are affected: SICAM SIAPP SDK vers:intdot/ CVSS Vendor Equipment Vulnerabilities v3 7.4 Siemens Siemens SICAM SIAPP SDK Out-of-bounds Write, Stack-based Buffer Overflow, Improper Handling of Length Parameter Inconsistency, External Control of File Name or Path Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: Germany

EPSS 0.01% · 2.6th percentile

Risk Scores

CVSS v3.1

7.400000095367432

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.01%

2.6th percentile

Timeline

Mar 10, 2026 CVE Published
Mar 10, 2026 PoC Published
Mar 10, 2026 PoC Published
Mar 11, 2026 EPSS Score
Mar 12, 2026 EPSS Score
Mar 12, 2026 PoC Published
Mar 13, 2026 EPSS Score
Mar 14, 2026 EPSS Score
Mar 15, 2026 EPSS Score
Mar 16, 2026 EPSS Score
Mar 17, 2026 EPSS Score
Mar 17, 2026 Security Advisory

References

https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-04 advisory
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-076-04.json advisory
https://www.cve.org/CVERecord?id=CVE-2026-25569 technical
https://cwe.mitre.org/data/definitions/787.html technical
https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H technical
https://www.cve.org/CVERecord?id=CVE-2026-25570 technical
https://cwe.mitre.org/data/definitions/121.html technical
https://www.cve.org/CVERecord?id=CVE-2026-25571 technical
https://cwe.mitre.org/data/definitions/130.html technical
https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H technical
https://www.cve.org/CVERecord?id=CVE-2026-25572 technical
https://www.cve.org/CVERecord?id=CVE-2026-25573 technical
https://cwe.mitre.org/data/definitions/73.html technical
https://www.cve.org/CVERecord?id=CVE-2026-25605 technical
https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H technical

Open in Interactive Console →