Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-reachable HTTP endpoint with low attack complexity but requires an authenticated session (PR:L); impact is limited to availability via web-process crash, so C:N/I:N/A:H.
Primary rating from Vendor (siemens).
CVSS VectorVendor: siemens
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
6DescriptionCVE.org
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base system (All versions < V26.20.0). The affected application includes a debugging interface that is accessible through HTTP endpoints. This could allow an authenticated attacker to disrupt the system by crashing the web process causing denial of service conditions.
AnalysisAI
Denial of service in Siemens CPCI85 Central Processing/Communication firmware and SICORE Base System (all versions before V26.20 / V26.20.0) allows an authenticated attacker to crash the device's web process via a leftover debugging interface exposed on HTTP endpoints. The flaw stems from active debug code shipped in production firmware and affects only availability, not data confidentiality or integrity. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires an authenticated session to the device (CVSS PR:L) plus network reachability to the product's HTTP endpoints where the debugging interface is exposed - the specific enabling feature is the active debug interface accessible over HTTP that ships in all firmware versions before V26.20 / V26.20.0. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The vendor CVSS 4.0 base score is 7.1 with vector AV:N/AC:L/AT:N/PR:L/UI:N and impact isolated to availability (VA:H, VC:N/VI:N/VA:H, no subsequent-system impact). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has obtained valid low-privilege credentials for the device's web management interface sends a crafted request to the exposed debugging HTTP endpoint. The request drives the web process into a fault and crashes it, taking the management/communication service offline until the process or device restarts. … |
| Remediation | Vendor-released patch: update CPCI85 Central Processing/Communication to V26.20 or later and SICORE Base System to V26.20.0 or later, as directed in Siemens advisory SSA-229470 (https://cert-portal.siemens.com/productcert/html/ssa-229470.html). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all CPCI85 and SICORE deployments and verify current firmware versions (vulnerable if below V26.20.0); restrict network access to HTTP endpoints where possible. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Out-of-bounds write vulnerabilities in Siemens CPCI85 Central Processing/Communication and SICORE Base system (versions
Remote denial-of-service in Siemens CPCI85 Central Processing/Communication and RTUM85 RTU Base (versions below V26.10)
Privilege escalation in Siemens CPCI85 Central Processing/Communication and SICORE Base System (all versions before V26.
Malicious firmware installation is possible on Siemens CPCI85 Central Processing/Communication firmware (versions before
Insecure default OPC UA configuration in Siemens CPCI85 Central Processing/Communication and SICORE Base System exposes
Same weakness CWE-489 – Active Debug Code
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-42593
GHSA-jw99-297g-63f5