VDB

SSA-014678

SSA-014678 PUBLISHED CVSS 10 CRITICAL

Users of Industrial Edge Devices are advised to consult the respective Security Advisories for their devices (for Siemens Industrial Edge devices see Additional Information). Industrial Edge Device Kit contains an authorization bypass vulnerability that could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available.

Risk Scores

CVSS 3.1
10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersions
Industrial Edge Device Kit - arm64 V1.20
Industrial Edge Device Kit - arm64 V1.11
Industrial Edge Device Kit - arm64 V1.22
Industrial Edge Device Kit - arm64 V1.12
Industrial Edge Device Kit - arm64 V1.17
Industrial Edge Device Kit - arm64 V1.15
Industrial Edge Device Kit - arm64 V1.25
Industrial Edge Device Kit - arm64 V1.14
Industrial Edge Device Kit - arm64 V1.10
Industrial Edge Device Kit - arm64 V1.8
Industrial Edge Device Kit - arm64 V1.7
Industrial Edge Device Kit - arm64 V1.5
Industrial Edge Device Kit - arm64 V1.24
Industrial Edge Device Kit - arm64 V1.21
Industrial Edge Device Kit - arm64 V1.6
Industrial Edge Device Kit - arm64 V1.16
Industrial Edge Device Kit - arm64 V1.23
Industrial Edge Device Kit - arm64 V1.13
Industrial Edge Device Kit - arm64 V1.18
Industrial Edge Device Kit - arm64 V1.19

Timeline

  • Jan 13, 2026 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›