CVE-2020-15786

CVE-2020-15786

Vendor Siemens
Product SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants)
Weakness CWE-307 · Brute force
Published September 9, 2020
Last update June 2, 2026

CVSS base score

What the vulnerability does

01Description

A vulnerability has been identified in SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants) (All versions < V16), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions <= V16), SIMATIC HMI Mobile Panels (All versions <= V16), SIMATIC HMI Unified Comfort Panels (All versions <= V16). Affected devices insufficiently block excessive authentication attempts. This could allow a remote attacker to discover user passwords and obtain access to the Sm@rt Server via a brute-force attack.

Key dates

02Disclosure timeline

September 9, 2020 CVE published
June 2, 2026 Record updated