Skip to main content

Industrial Edge Management Pro V1 CVE-2026-33892

| EUVDEUVD-2026-22242 MEDIUM
Authentication Bypass by Primary Weakness (CWE-305)
2026-04-14 siemens GHSA-24c7-prh7-m3g7
5.1
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.1 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
A
Scope
X

Lifecycle Timeline

6
Severity Changed
Apr 14, 2026 - 09:22 NVD
HIGH MEDIUM
CVSS changed
Apr 14, 2026 - 09:22 NVD
7.1 (HIGH) 5.1 (MEDIUM)
Analysis Generated
Apr 14, 2026 - 09:12 vuln.today
EUVD ID Assigned
Apr 14, 2026 - 09:00 euvd
EUVD-2026-22242
Analysis Generated
Apr 14, 2026 - 09:00 vuln.today
CVE Published
Apr 14, 2026 - 08:40 nvd
MEDIUM 5.1

DescriptionCVE.org

A vulnerability has been identified in Industrial Edge Management Pro V1 (All versions >= V1.7.6 < V1.15.17), Industrial Edge Management Pro V2 (All versions >= V2.0.0 < V2.1.1), Industrial Edge Management Virtual (All versions >= V2.2.0 < V2.8.0). Affected management systems do not properly enforce user authentication on remote connections to devices. This could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Successful exploitation requires that the attacker has identified the header and port used for remote connections to devices and that the remote connection feature is enabled for the device.

Exploitation allows the attacker to tunnel to the device. Security features on this device itself (e.g. app specific authentication) are not affected.

AnalysisAI

Authentication bypass in Siemens Industrial Edge Management systems (Pro V1 ≥1.7.6 <1.15.17, Pro V2 ≥2.0.0 <2.1.1, Virtual ≥2.2.0 <2.8.0) allows unauthenticated remote attackers with user interaction to impersonate legitimate users and tunnel to managed devices when remote connection features are enabled. Exploitation requires knowledge of connection headers and ports but does not bypass device-level application authentication. No public exploit identified at time of analysis. CVSS 7.1 with network attack vector, low complexity, and no authentication required (PR:N), indicating moderate real-world risk for industrial environments with exposed management interfaces.

Technical ContextAI

This vulnerability affects Siemens Industrial Edge Management platforms, which provide centralized administration for industrial IoT edge devices in manufacturing and critical infrastructure environments. The flaw stems from CWE-305 (Authentication Bypass by Primary Weakness), where the management systems fail to properly validate user authentication on remote device connection channels. The CVSS vector reveals network-based exploitation (AV:N) with changed scope (S:C), indicating the attacker gains unauthorized access beyond the vulnerable management component to reach connected devices. The affected CPE entries identify three distinct product lines: Industrial Edge Management Pro V1 (versions 1.7.6 through 1.15.16), Pro V2 (versions 2.0.0 through 2.1.0), and Industrial Edge Management Virtual (versions 2.2.0 through 2.7.x). The vulnerability exists in the remote connection tunneling mechanism, which should authenticate users before establishing device access but instead permits unauthorized tunneling when specific protocol headers and network ports are targeted.

RemediationAI

Siemens has released patched versions addressing this authentication bypass vulnerability. Organizations should upgrade Industrial Edge Management Pro V1 installations to version 1.15.17 or later, Industrial Edge Management Pro V2 installations to version 2.1.1 or later, and Industrial Edge Management Virtual installations to version 2.8.0 or later. Detailed upgrade procedures and patch distribution channels are documented in Siemens ProductCERT Security Advisory SSA-609469 available at https://cert-portal.siemens.com/productcert/html/ssa-609469.html. As interim risk mitigation for environments where immediate patching is not operationally feasible, organizations should disable remote device connection features if not required for business operations, implement strict network segmentation isolating Industrial Edge Management systems from untrusted networks, restrict management interface access via firewall rules permitting only known administrative source IP addresses, and implement additional authentication layers at the device level. Monitor logs for unexpected remote connection attempts to managed devices, particularly from unfamiliar source addresses or during non-business hours.

Share

CVE-2026-33892 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy