ZDI-CAN-27349
HIGH 7.8
Overdue
Aug 12, 2025
Siemens
A high-severity local vulnerability (CVSS 7.8) has been reported in a product from Siemens, a major industrial automation and control systems manufacturer. Exploitation requires user interaction but no authentication, and could allow an attacker with local access to cause significant impact to confidentiality, integrity, and availability. Security teams should monitor for patches expected by December 2025 and assess systems in their environments that run vulnerable Siemens products, particularly those accessible to local users or in shared environments.
Advisory Details
Researcher: Discovered by Rocco Calvi (@TecR0c) with TecSecurity
Reported: August 12, 2025
Deadline: December 10, 2025 (127d overdue)
CVSS Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H