HIGHCVE-2026-25570Published 2026-03-10Modified 2026-03-10CNA siemens

CVE-2026-25570: A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK does not perform checks on input values potentially resulting in stack overflow. This could allow an attacker to perform code execution and denial of service.

CVSS v4.0: 7.5
Severity: HIGH
Fixed in: V2.1.7
Affected Products: 1

Fix available

V2.1.7

Affected packages

Siemens / SICAM SIAPP SDK
< V2.1.7 (from 0)

CVSS Vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

References

cert-portal.siemens.com

Metrics

Fix available