CVE-2026-54799
Multiple SICAM 8 products are affected by multiple vulnerabilities that could lead to denial of service, namely: - SICAM A8000 Device firmware - CPCI85 for CP-8031/CP-8050 - SICORE for CP-8010/CP-8012 - SICAM EGS Device firmware - CPCI85 - SICAM S8000 - SICORE Siemens has released new versions for the affected products and recommends to update to the latest versions. The following versions of Siemens SICAM 8 are affected: CPCI85 Central Processing/Communication vers:intdot/SICORE Base system vers:intdot/ CVSS Vendor Equipment Vulnerabilities v3 7.2 Siemens Siemens SICAM 8 Active Debug Code, Initialization of a Resource with an Insecure Default, Unverified Password Change Background Critical Infrastructure Sectors: Critical Manufacturing, Energy Countries/Areas Deployed: Worldwide Company Headquarters Location: Germany
EPSS 0.13% · 2.7th percentile
Risk Scores
Timeline
- Jul 9, 2026 CVE Published
- Jul 9, 2026 CVE Updated
- Jul 10, 2026 Coalition ESS Score
- Jul 14, 2026 EPSS Score
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-05 advisory
- https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-197-05.json advisory
- https://www.cve.org/CVERecord?id=CVE-2026-54798 technical
- https://cwe.mitre.org/data/definitions/489.html technical
- https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H technical
- https://www.cve.org/CVERecord?id=CVE-2026-54799 technical
- https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H technical
- https://www.cve.org/CVERecord?id=CVE-2026-54800 technical
- https://cwe.mitre.org/data/definitions/1188.html technical
- https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N technical
- https://www.cve.org/CVERecord?id=CVE-2026-54801 technical
- https://cwe.mitre.org/data/definitions/620.html technical
- https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H technical