anonhaven
Ad

CVE-2026-25570

HIGH CVSS 4.0: 7.5 EPSS 0.02%
Updated Mar 13, 2026
Siemens
Parameter Value
CVSS 7.5 (HIGH)
Affected Versions before 2.17
Fixed In 2.17
Type CWE-121 (Stack-based Buffer Overflow)
Vendor Siemens
Public PoC No

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK does not perform checks on input values potentially resulting in stack overflow. This could allow an attacker to perform code execution and denial of service.

Attack Parameters

Attack Vector
Local
Requires local access
Attack Complexity
High
Difficult to exploit
Attack Requirements
None
No additional conditions
Privileges Required
None
No privileges needed
User Interaction
None
No user interaction needed

Impact Assessment

Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
High
Complete denial of service

CVSS Vector v4.0

Weakness Type (CWE)

CWE-121 Stack-based Buffer Overflow

Vulnerable Products 1

Configuration From (including) Up to (excluding)
Siemens Sicam_Siapp_Sdk
cpe:2.3:a:siemens:sicam_siapp_sdk:*:*:*:*:*:*:*:*
 2.17

References 1

https://cert-portal.siemens.com/productcert/html/ssa-903736.html
productcert@siemens.com
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-27661

Siemens

5.3

CVE-2026-25569

Siemens

7.5

CVE-2025-25175

Siemens

7.3

CVE-2025-27494

Siemens

9.4

CVE-2025-27493

Siemens

9.3