ICSA-25-226-18 — Vulnetix

ICSA-25-226-18 PUBLISHED CVSS 5.5 MEDIUM

SIMOTION SCOUT, SIMOTION SCOUT TIA and SINAMICS STARTER are affected by an XXE injection vulnerability that could allow an attacker to access arbitrary application files. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available.

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
	SIMOTION SCOUT V5.5
	SIMOTION SCOUT V5.4
	SINAMICS STARTER V5.6
	SIMOTION SCOUT V5.6
	SIMOTION SCOUT TIA V5.6
	SIMOTION SCOUT TIA V5.4
	SIMOTION SCOUT V5.7
	SIMOTION SCOUT TIA V5.7
	SINAMICS STARTER V5.5
	SINAMICS STARTER V5.7
	SIMOTION SCOUT TIA V5.5

Timeline

Aug 12, 2025 CVE Published
Apr 16, 2026 CVE Updated

References

https://cert-portal.siemens.com/productcert/csaf/ssa-186293.json advisory
https://cert-portal.siemens.com/productcert/html/ssa-186293.html advisory
https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-226-18.json advisory
https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-18 advisory
https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01 url
https://www.cisa.gov/resources-tools/resources/ics-recommended-practices url
https://www.cisa.gov/topics/industrial-control-systems url
https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf url
https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b url
https://support.industry.siemens.com/cs/ww/en/view/109989067/ fix
https://support.industry.siemens.com/cs/ww/en/view/26233208/ fix
https://support.industry.siemens.com/cs/ww/en/view/109989066/ fix

Open in Interactive Console →