CVE-2026-25573 HIGH

CVE-2026-25573

Vendor Siemens
Product SICAM SIAPP SDK
Weakness CWE-73
Published March 10, 2026
Last update March 10, 2026

CVSS base score

7.4/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The affected application builds shell commands with caller-provided strings and executes them. An attacker could influence the executed command, potentially resulting in command injection and full system compromise.

Key dates

02Disclosure timeline

March 10, 2026 CVE published
March 10, 2026 Record updated