CVE-2026-25786 CRITICAL

CVE-2026-25786

Vendor Siemens
Product SIMATIC Drive Controller CPU 1504D TF
Weakness CWE-79 · XSS
Published May 12, 2026
Last update May 12, 2026
View on NVD All CVEs

CVSS base score

9.1/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Affected devices do not properly validate and sanitize PLC/station name rendered on the "communication" parameters page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the page. If a benign user with appropriate rights accesses the "communication" parameters page, the malicious code would be executed in the scope of their web session.

Key dates

02Disclosure timeline

May 12, 2026 CVE published
May 12, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2026-27363 WordPress WP Bakery Autoresponder Addon plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability CVE-2021-24373 WP Hardening < 1.2.2 - Reflected XSS via historyvalue CVE-2025-59771 Multiple vulnerabilities in AndSoft's e-TMS CVE-2023-47240 WordPress CBX Map for Google Map & OpenStreetMap Plugin <= 1.1.11 is vulnerable to Cross Site Scripting (XSS) CVE-2024-1398 Ultimate Bootstrap Elements for Elementor <= 1.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting