Risk Scores
CVSS v3.1
10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SIMATIC HMI MTP1000 Unified Comfort Panel hygienic neutral design (6AV2128-3KB70-0AX0) | ||
| SIMATIC HMI MTP1000 Unified Comfort Panel hygienic (6AV2128-3KB40-0AX0) | ||
| Industrial Edge Own Device (IEOD) | ||
| SIMATIC HMI MTP1200 Unified Comfort Panel hygienic (6AV2128-3MB40-0AX0) | ||
| SIMATIC HMI MTP1200 Comfort Pro neutral design for stand (expandable, flange at the bottom) (6AV2128-3MB57-1BX0) | ||
| SIMATIC HMI MTP1200 Comfort Pro neutral design for support arm (expandable, round tube) and extensio (6AV2128-3MB57-0BX0) | ||
| SIMATIC Automation Workstation 19" (6AV7256-6CA01-0FP0) | ||
| SCALANCE LPE9433 (6GK5998-3GS11-2AC2) | ||
| SIMATIC HMI MTP1200 Comfort Pro neutral design for support arm (not extendable, flange on top) (6AV2128-3MB57-0AX0) | ||
| SIMATIC HMI MTP1000 Unified Comfort Panel (6AV2128-3KB06-0AX1) | ||
| SCALANCE LPE9413 (6GK5998-3GS01-2AC2) | ||
| Industrial Edge Cloud Device (IECD) | ||
| SIMATIC HMI MTP1200 Unified Comfort Panel (6AV2128-3MB06-0AX1) | ||
| SIMATIC HMI MTP1000, Unified Comfort Panel neutral (6AV2128-3KB36-0AX1) | ||
| Industrial Edge Virtual Device (IEVD) | ||
| SIMATIC HMI MTP1200 Comfort Pro for support arm (expandable, round tube) and extension unit (6AV2128-3MB27-0BX0) | ||
| SIMATIC HMI MTP1200 Comfort Pro for stand (expandable, flange at the bottom) (6AV2128-3MB27-1BX0) | ||
| SIMATIC HMI MTP1200 Unified Comfort Panel hygienic neutral design (6AV2128-3MB70-0AX0) | ||
| SIMATIC Automation Workstation 24" (6AV7256-6CA00-0FP0) | ||
| SIMATIC HMI MTP1200 Comfort Pro for support arm (not extendable, flange on top) (6AV2128-3MB27-0AX0) |
Timeline
- Jan 13, 2026 CVE Published
- Jan 14, 2026 CVE Updated
References
- https://cert-portal.siemens.com/productcert/csaf/ssa-001536.json advisory
- https://cert-portal.siemens.com/productcert/html/ssa-001536.html advisory
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2026/icsa-26-015-08.json advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-08 advisory
- https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01 url
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices url
- https://www.cisa.gov/topics/industrial-control-systems url
- https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf url
- https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b url
- https://docs.industrial-operations-x.siemens.cloud/r/en-us/v1.24.2/industrial-edge-own-device/release-notes fix
- https://docs.industrial-operations-x.siemens.cloud/r/en-us/v1.24.2/industrial-edge-virtual/cloud-device/release-notes fix
- https://docs.industrial-operations-x.siemens.cloud/r/en-us/v1.25/one-db-simatic-iot2050-industrial-edge-device/all-release-notes/release-notes-v1.25 fix
- https://docs.eu1.edge.siemens.cloud/release_notes/device_release_notes/LPE9413.html fix
- https://docs.eu1.edge.siemens.cloud/release_notes/device_release_notes/SCALANCELPE9433Integrated.html fix
- https://support.industry.siemens.com/cs/ww/en/view/109825605/ fix
- https://docs.industrial-operations-x.siemens.cloud/r/en-us/v3.1/simatic-ipc-ied-os/release-notes fix