Skip to main content

ROS# EUVDEUVD-2026-29434

| CVE-2026-41551 CRITICAL
Relative Path Traversal (CWE-23)
2026-05-12 siemens GHSA-gmpj-93q6-2282
9.3
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
9.3 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

5
Analysis Updated
May 12, 2026 - 10:27 vuln.today
v2 (cvss_changed)
Re-analysis Queued
May 12, 2026 - 10:22 vuln.today
cvss_changed
CVSS changed
May 12, 2026 - 10:22 NVD
9.1 (CRITICAL) 9.3 (CRITICAL)
Analysis Generated
May 12, 2026 - 10:04 vuln.today
CVE Published
May 12, 2026 - 08:21 nvd
CRITICAL 9.1

DescriptionCVE.org

A vulnerability has been identified in ROS

(All versions < V2.2.2). Affected versions contain a path traversal vulnerability because user input is not properly sanitized.

This could allow a remote attacker to access arbitrary files on the device.

AnalysisAI

Remote path traversal in Siemens ROS

versions prior to V2.2.2 enables unauthenticated attackers to read arbitrary files from affected systems due to insufficient input sanitization. The vulnerability affects the ROS

library, a C

.NET implementation for Robot Operating System communication, with CVSS 9.3 critical severity. No active exploitation or public exploit code has been identified at time of analysis, though the network-accessible attack vector and lack of authentication requirements present significant risk for robotics systems using this library.

Technical ContextAI

ROS

is Siemens' C

.NET library that enables communication between Robot Operating System (ROS) environments and Microsoft .NET applications, commonly used in industrial robotics and automation systems. The vulnerability stems from CWE-23 (Relative Path Traversal), where the application fails to properly neutralize special elements within pathname inputs such as '../' sequences. When user-supplied input containing directory traversal sequences is processed without adequate validation or sanitization, attackers can escape intended directory restrictions and access files outside the application's designated file system scope. The affected CPE (cpe:2.3:a:siemens:ros#) indicates this is a library-level vulnerability that could impact any application or robotic system integrating ROS

for ROS communication functionality. Path traversal vulnerabilities in robotics libraries are particularly concerning as they may expose configuration files, credentials, or operational data critical to industrial control systems.

RemediationAI

Upgrade Siemens ROS

to version V2.2.2 or later, as confirmed by Siemens ProductCERT advisory SSA-357982 (https://cert-portal.siemens.com/productcert/html/ssa-357982.html). This vendor-released patch addresses the input sanitization deficiency causing the path traversal vulnerability. Organizations should prioritize systems with ROS

instances accessible from untrusted networks or multi-tenant environments. If immediate patching is not feasible, implement network segmentation to restrict access to ROS

endpoints exclusively from trusted robotics control networks, blocking external and cross-segment access via firewall rules (trade-off: may limit legitimate remote monitoring capabilities). Deploy application-layer filtering or web application firewall rules to detect and block requests containing path traversal patterns such as '../', '..\', URL-encoded variants (%2e%2e%2f), and Unicode equivalents, though this provides only partial protection against sophisticated bypass techniques. Review file system permissions to ensure the ROS

process runs with least-privilege access, limiting the scope of files accessible even if traversal succeeds (trade-off: may require application reconfiguration and testing). Monitor file access logs for unusual patterns indicating traversal attempts, particularly access to configuration directories, credential stores, or system files outside expected ROS

operational paths.

Share

EUVD-2026-29434 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy