Skip to main content

Industrial Edge Management Virtual

1 CVEs product

Monthly

CVE-2026-33892 MEDIUM CISA This Month

Authentication bypass in Siemens Industrial Edge Management systems (Pro V1 ≥1.7.6 <1.15.17, Pro V2 ≥2.0.0 <2.1.1, Virtual ≥2.2.0 <2.8.0) allows unauthenticated remote attackers with user interaction to impersonate legitimate users and tunnel to managed devices when remote connection features are enabled. Exploitation requires knowledge of connection headers and ports but does not bypass device-level application authentication. No public exploit identified at time of analysis. CVSS 7.1 with network attack vector, low complexity, and no authentication required (PR:N), indicating moderate real-world risk for industrial environments with exposed management interfaces.

Information Disclosure Industrial Edge Management Pro V1 Industrial Edge Management Pro V2 Industrial Edge Management Virtual
NVD VulDB
CVSS 4.0
5.1
EPSS
0.1%
EPSS 0% CVSS 5.1
MEDIUM This Month

Authentication bypass in Siemens Industrial Edge Management systems (Pro V1 ≥1.7.6 <1.15.17, Pro V2 ≥2.0.0 <2.1.1, Virtual ≥2.2.0 <2.8.0) allows unauthenticated remote attackers with user interaction to impersonate legitimate users and tunnel to managed devices when remote connection features are enabled. Exploitation requires knowledge of connection headers and ports but does not bypass device-level application authentication. No public exploit identified at time of analysis. CVSS 7.1 with network attack vector, low complexity, and no authentication required (PR:N), indicating moderate real-world risk for industrial environments with exposed management interfaces.

Information Disclosure Industrial Edge Management Pro V1 Industrial Edge Management Pro V2 +1
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy