SSA-614723 — Vulnetix

SSA-614723 PUBLISHED CVSS 7.5 HIGH

Affected products contain a out of bound read buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.

Risk Scores

CVSS 3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Siemens	SIMATIC PCS neo V4.1
Siemens	SIMATIC PCS neo V5.0
Siemens	Totally Integrated Automation Portal (TIA Portal) V17
Siemens	User Management Component (UMC)
Siemens	SINEMA Remote Connect
Siemens	SINEC NMS
Siemens	Totally Integrated Automation Portal (TIA Portal) V19
Siemens	Totally Integrated Automation Portal (TIA Portal) V18
Siemens	Totally Integrated Automation Portal (TIA Portal) V20

Timeline

May 13, 2025 CVE Published
Oct 14, 2025 CVE Updated

References

https://cert-portal.siemens.com/productcert/csaf/ssa-614723.json advisory
https://cert-portal.siemens.com/productcert/html/ssa-614723.html advisory
https://support.industry.siemens.com/cs/ww/en/view/109987708/ patch
https://support.industry.siemens.com/cs/ww/en/view/109989514/ patch

Open in Interactive Console →