VDB
ICSA-25-100-06
ICSA-25-100-06
PUBLISHED
CVSS 9.100000381469727 CRITICAL
SENTRON 7KT PAC1260 Data Manager is affected by multiple vulnerabilities as listed below. Software fixes can no longer be provided for The SENTRON 7KT PAC1260 Data Manager. This advisory documents the known open vulnerabilities. To fix the vulnerabilities, Siemens recommends to replace the device by the new SENTRON 7KT PAC1261 Data Manager and update it to the latest available firmware version.
Risk Scores
CVSS 3.1
9.100000381469727
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SENTRON 7KT PAC1260 Data Manager |
Exploit Intelligence
- https://cert-portal.siemens.com/productcert/csaf/ssa-187636.json (circl)
- https://cert-portal.siemens.com/productcert/html/ssa-187636.html (circl)
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-100-06.json (circl)
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-06 (circl)
- https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 (circl)
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices (circl)
- https://www.cisa.gov/topics/industrial-control-systems (circl)
- https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf (circl)
- https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf (circl)
- https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B (circl)
Timeline
- Apr 8, 2025 CVE Published
References
- https://cert-portal.siemens.com/productcert/csaf/ssa-187636.json advisory
- https://cert-portal.siemens.com/productcert/html/ssa-187636.html advisory
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-100-06.json advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-06 advisory
- https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 url
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices url
- https://www.cisa.gov/topics/industrial-control-systems url
- https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf url
- https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B url