Skip to main content
ZDI-CAN-27564 HIGH 7.3 Overdue Dec 24, 2025

Siemens

Siemens, a major industrial automation and control systems manufacturer, has a high-severity vulnerability (CVSS 7.3) that can be exploited remotely without authentication or user interaction, affecting the confidentiality, integrity, and availability of affected systems. The attack requires only network access and low complexity, making it relatively easy to exploit. Security teams should monitor for patches from Siemens before the April 23, 2026 deadline and prioritize patching Siemens industrial control systems, particularly those exposed to untrusted networks.

Advisory Details
Researcher Discovered by: Anonymous
Reported December 24, 2025
Deadline April 23, 2026 85d overdue
CVSS Vector AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy