VDB
SSA-452276
SSA-452276
PUBLISHED
CVSS 9.600000381469727 CRITICAL
SIMATIC S7-1500 devices contain a vulnerability that could allow an attacker to inject code by tricking a legitimate user into importing a specially crafted trace file in the web interface. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.
Risk Scores
CVSS v3.1
9.600000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0) | ||
| SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0) | ||
| SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0) | ||
| SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS | ||
| SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0) | ||
| SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0) | ||
| SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0) | ||
| SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS | ||
| SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0) | ||
| SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS | ||
| SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS | ||
| SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS | ||
| SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0) | ||
| SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0) | ||
| SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0) | ||
| SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0) | ||
| SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0) | ||
| SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) | ||
| SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0) | ||
| SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0) |
Timeline
- Mar 10, 2026 CVE Published
- May 12, 2026 CVE Updated