Industrial Edge Management Pro V1
Monthly
Authentication bypass in Siemens Industrial Edge Management systems (Pro V1 ≥1.7.6 <1.15.17, Pro V2 ≥2.0.0 <2.1.1, Virtual ≥2.2.0 <2.8.0) allows unauthenticated remote attackers with user interaction to impersonate legitimate users and tunnel to managed devices when remote connection features are enabled. Exploitation requires knowledge of connection headers and ports but does not bypass device-level application authentication. No public exploit identified at time of analysis. CVSS 7.1 with network attack vector, low complexity, and no authentication required (PR:N), indicating moderate real-world risk for industrial environments with exposed management interfaces.
Authentication bypass in Siemens Industrial Edge Management systems (Pro V1 ≥1.7.6 <1.15.17, Pro V2 ≥2.0.0 <2.1.1, Virtual ≥2.2.0 <2.8.0) allows unauthenticated remote attackers with user interaction to impersonate legitimate users and tunnel to managed devices when remote connection features are enabled. Exploitation requires knowledge of connection headers and ports but does not bypass device-level application authentication. No public exploit identified at time of analysis. CVSS 7.1 with network attack vector, low complexity, and no authentication required (PR:N), indicating moderate real-world risk for industrial environments with exposed management interfaces.