CVE-2026-25605 MEDIUM

CVE-2026-25605

Vendor Siemens
Product SICAM SIAPP SDK
Weakness CWE-73
Published March 10, 2026
Last update March 10, 2026

CVSS base score

6.7/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

What the vulnerability does

01Description

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The affected application performs file deletion without properly validating the file path or target. An attacker could delete files or sockets that the affected process has permission to remove, potentially resulting in denial of service or service disruption.

Key dates

02Disclosure timeline

March 10, 2026 CVE published
March 10, 2026 Record updated