VDB
NCSC-2025-357
NCSC-2025-357
PUBLISHED
CVSS 8.800000190734863 HIGH
A vulnerability in all versions of POWER METER SICAM Q100 prior to V2.60 allows Cross-Site Request Forgery attacks via the web interface, enabling unauthorized actions through deceptive links clicked by authenticated users.
Risk Scores
CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | vers:unknown/* |
Timeline
- Nov 11, 2025 CVE Published
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
References
- https://advisories.ncsc.nl/csaf/v2/2025/ncsc-2025-0357.json advisory
- https://cert-portal.siemens.com/productcert/html/ssa-201498.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-267056.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-339694.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-514895.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-522291.html advisory
- https://cert-portal.siemens.com/productcert/html/ssa-682326.html advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-30901.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-31238.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-45133.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-0056.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-32008.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-32009.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-32010.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-32011.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-32014.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-2884.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40744.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40760.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40763.json advisory
…and 4 more