Vulnerability-Lookup

CVE-2025-66412 (GCVE-0-2025-66412)

Vulnerability from cvelistv5 – Published: 2025-12-01 22:35 – Updated: 2026-06-02 13:00

Title

Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes

Summary

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.

Severity

8.5 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

GitHub_M

References

4 references

URL	Tags
https://github.com/angular/angular/security/advis…	x_refsource_CONFIRM
https://github.com/angular/angular/commit/1c6b070…	x_refsource_MISC
https://cert-portal.siemens.com/productcert/html/…
https://cert-portal.siemens.com/productcert/html/…

Impacted products

3 products

Vendor	Product	Version
angular	angular	Affected: >= 21.0.0-next.0 < 21.0.2 Affected: >= 20.0.0-next.0 < 20.3.15 Affected: >= 19.0.0-next.0 < 19.2.17 Affected: <= 18.2.14
Siemens	RUGGEDCOM RST2428P	Affected: 0 , < V4.0 (custom)
Siemens	SIDIS Prime	Affected: 0 , < V4.0.800 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-66412",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-02T14:12:58.051369Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-02T14:13:07.801Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "affected": [
          {
            "defaultStatus": "unknown",
            "product": "RUGGEDCOM RST2428P",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "V4.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIDIS Prime",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "V4.0.800",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-02T13:00:31.963Z",
          "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
          "shortName": "siemens-SADP"
        },
        "references": [
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-485750.html"
          },
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-253495.html"
          }
        ],
        "x_adpType": "supplier"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "angular",
          "vendor": "angular",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 21.0.0-next.0 \u003c 21.0.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 20.0.0-next.0 \u003c 20.3.15"
            },
            {
              "status": "affected",
              "version": "\u003e= 19.0.0-next.0 \u003c 19.2.17"
            },
            {
              "status": "affected",
              "version": "\u003c= 18.2.14"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler\u0027s internal security schema is incomplete, allowing attackers to bypass Angular\u0027s built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "ACTIVE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-01T22:35:59.211Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/angular/angular/security/advisories/GHSA-v4hv-rgfq-gp49",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/angular/angular/security/advisories/GHSA-v4hv-rgfq-gp49"
        },
        {
          "name": "https://github.com/angular/angular/commit/1c6b0704fb63d051fab8acff84d076abfbc4893a",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/angular/angular/commit/1c6b0704fb63d051fab8acff84d076abfbc4893a"
        }
      ],
      "source": {
        "advisory": "GHSA-v4hv-rgfq-gp49",
        "discovery": "UNKNOWN"
      },
      "title": "Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-66412",
    "datePublished": "2025-12-01T22:35:59.211Z",
    "dateReserved": "2025-11-28T23:33:56.366Z",
    "dateUpdated": "2026-06-02T13:00:31.963Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-66412",
      "date": "2026-06-02",
      "epss": "0.00023",
      "percentile": "0.06893"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-66412\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-12-01T23:15:53.890\",\"lastModified\":\"2026-06-02T14:16:37.280\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler\u0027s internal security schema is incomplete, allowing attackers to bypass Angular\u0027s built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"ACTIVE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*\",\"versionEndIncluding\":\"18.2.14\",\"matchCriteriaId\":\"B0857B9D-DDD4-42CC-B026-AF3B4081BD14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"19.0.0\",\"versionEndExcluding\":\"19.2.17\",\"matchCriteriaId\":\"510711AC-A2E0-42FA-9A67-B77FC0C7FE2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"20.0.0\",\"versionEndExcluding\":\"20.3.15\",\"matchCriteriaId\":\"ADEEF44B-4624-444D-867A-D75B192FC413\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"21.0.0\",\"versionEndExcluding\":\"21.0.2\",\"matchCriteriaId\":\"4D7E1957-7450-48AA-8EEB-62D60EE9DABE\"}]}]}],\"references\":[{\"url\":\"https://github.com/angular/angular/commit/1c6b0704fb63d051fab8acff84d076abfbc4893a\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/angular/angular/security/advisories/GHSA-v4hv-rgfq-gp49\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-253495.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-485750.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"affected\": [{\"vendor\": \"Siemens\", \"product\": \"RUGGEDCOM RST2428P\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V4.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIDIS Prime\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V4.0.800\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"x_adpType\": \"supplier\", \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-485750.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-253495.html\"}], \"providerMetadata\": {\"orgId\": \"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\", \"shortName\": \"siemens-SADP\", \"dateUpdated\": \"2026-06-02T13:00:31.963Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-66412\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-02T14:12:58.051369Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-02T14:13:03.595Z\"}}], \"cna\": {\"title\": \"Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes\", \"source\": {\"advisory\": \"GHSA-v4hv-rgfq-gp49\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 8.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\", \"userInteraction\": \"ACTIVE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"angular\", \"product\": \"angular\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 21.0.0-next.0 \u003c 21.0.2\"}, {\"status\": \"affected\", \"version\": \"\u003e= 20.0.0-next.0 \u003c 20.3.15\"}, {\"status\": \"affected\", \"version\": \"\u003e= 19.0.0-next.0 \u003c 19.2.17\"}, {\"status\": \"affected\", \"version\": \"\u003c= 18.2.14\"}]}], \"references\": [{\"url\": \"https://github.com/angular/angular/security/advisories/GHSA-v4hv-rgfq-gp49\", \"name\": \"https://github.com/angular/angular/security/advisories/GHSA-v4hv-rgfq-gp49\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/angular/angular/commit/1c6b0704fb63d051fab8acff84d076abfbc4893a\", \"name\": \"https://github.com/angular/angular/commit/1c6b0704fb63d051fab8acff84d076abfbc4893a\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler\u0027s internal security schema is incomplete, allowing attackers to bypass Angular\u0027s built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-12-01T22:35:59.211Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-66412\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-02T13:00:31.963Z\", \"dateReserved\": \"2025-11-28T23:33:56.366Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-12-01T22:35:59.211Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

BDU:2025-15561

Vulnerability from fstec - Published: 01.12.2025

Title

Уязвимость компилятора шаблонов среды проектирования приложений и платформы разработки одностраничных приложений Аngular, позволяющая нарушителю проводить межсайтовые сценарные атаки

Description

Уязвимость компилятора шаблонов среды проектирования приложений и платформы разработки одностраничных приложений Аngular связана с непринятием мер по защите структуры веб-страницы. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, проводить межсайтовые сценарные атаки

Severity


                    
                      AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H


                    
                      AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Vendor

Google Inc

Software Name

Angular

Software Version

до 18.2.14 включительно (Angular), от 19.0.0-next.0 до 19.2.17 (Angular), от 20.0.0-next.0 до 20.3.15 (Angular), от 21.0.0-next.0 до 21.0.2 (Angular)

Possible Mitigations

Использование рекомендаций: https://github.com/angular/angular/commit/1c6b0704fb63d051fab8acff84d076abfbc4893a https://github.com/angular/angular/releases

Reference

https://github.com/angular/angular/commit/1c6b0704fb63d051fab8acff84d076abfbc4893a https://github.com/angular/angular/security/advisories/GHSA-v4hv-rgfq-gp49

CWE

CWE-79

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
  "CVSS 4.0": "AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Google Inc",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 18.2.14 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Angular), \u043e\u0442 19.0.0-next.0 \u0434\u043e 19.2.17 (Angular), \u043e\u0442 20.0.0-next.0 \u0434\u043e 20.3.15 (Angular), \u043e\u0442 21.0.0-next.0 \u0434\u043e 21.0.2 (Angular)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://github.com/angular/angular/commit/1c6b0704fb63d051fab8acff84d076abfbc4893a\nhttps://github.com/angular/angular/releases",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "01.12.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "11.12.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "11.12.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-15561",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-66412",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Angular",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u0438\u043b\u044f\u0442\u043e\u0440\u0430 \u0448\u0430\u0431\u043b\u043e\u043d\u043e\u0432 \u0441\u0440\u0435\u0434\u044b \u043f\u0440\u043e\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0438 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043e\u0434\u043d\u043e\u0441\u0442\u0440\u0430\u043d\u0438\u0447\u043d\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0410ngular, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u044b\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435 \u043c\u0435\u0440 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0432\u0435\u0431-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b (\u0438\u043b\u0438 \\\u00ab\u041c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u0430\u044f \u0441\u0446\u0435\u043d\u0430\u0440\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430\\\u00bb) (CWE-79)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u0438\u043b\u044f\u0442\u043e\u0440\u0430 \u0448\u0430\u0431\u043b\u043e\u043d\u043e\u0432 \u0441\u0440\u0435\u0434\u044b \u043f\u0440\u043e\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0438 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043e\u0434\u043d\u043e\u0441\u0442\u0440\u0430\u043d\u0438\u0447\u043d\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0410ngular \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435\u043c \u043c\u0435\u0440 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0432\u0435\u0431-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u044b\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u043d\u044a\u0435\u043a\u0446\u0438\u044f",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/angular/angular/commit/1c6b0704fb63d051fab8acff84d076abfbc4893a\nhttps://github.com/angular/angular/security/advisories/GHSA-v4hv-rgfq-gp49",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-79",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 4.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,5)"
}

CERTFR-2026-AVI-0224

Vulnerability from certfr_avis - Published: 2026-02-27 - Updated: 2026-02-27

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

IBM indique les versions correctives 9.0.5.27 et 26.0.0.3 pour WebSphere Application Server seront disponibles au cours du premier trimestre 2026. La version 8.5.5.30 sera disponible au troisième trimestre 2026.

Impacted products

Vendor	Product	Description
IBM	WebSphere	WebSphere Application Server versions 8.x antérieures à 8.5.5.30
IBM	WebSphere	WebSphere Application Server - Liberty versions antérieures à 26.0.0.3
IBM	QRadar Assistant	QRadar AI Assistant versions antérieures à 1.3.1
IBM	Sterling	Sterling Secure Proxy versions 6.1.x antérieures à 6.1.0.3 GA
IBM	QRadar	QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP14 IF05
IBM	Sterling	Sterling Transformation Extender sans l'application des mesures de contournement décrites par l'éditeur
IBM	Sterling	Sterling Secure Proxy versions 6.2.1.x antérieures à 6.2.1.1 GA
IBM	Db2	Db2 mirror pour i sans les derniers correctifs de sécurité
IBM	WebSphere	WebSphere Application Server versions 9.x antérieures à 9.0.5.27
IBM	Sterling	Sterling Secure Proxy versions 6.2.x antérieures à 6.2.0.3 GA
IBM	Cognos Command Center	Cognos Command Center versions antérieures à 10.2.5 FP1 IF3

References

Title

Publication Time

CERTFR-2026-AVI-0523

Vulnerability from certfr_avis - Published: 2026-04-30 - Updated: 2026-04-30

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	Sterling Connect:Direct	Sterling Connect:Direct for Microsoft Windows versions 6.3.0.x antérieures à 6.3.0.6_iFix048
IBM	WebSphere	WebSphere Application Server - Liberty versions 17.0.0.3 à 26.0.0.4 sans le dernier correctif de sécurité
IBM	Informix Dynamic Server	Informix Dynamic Server versions 15.0 sans le correctif de sécurité HQ 3.2.2
IBM	Informix Dynamic Server	Informix Dynamic Server versions 12.10.x sans le correctif de sécurité HQ 3.2.2
IBM	Informix Dynamic Server	Informix Dynamic Server versions 14.10 sans le correctif de sécurité HQ 3.2.2
IBM	Sterling Connect:Direct	Sterling Connect:Direct for Microsoft Windows versions 6.4.0.x antérieures à 6.4.0.4_iFix019
IBM	Security QRadar Log Management AQL	greffon Security QRadar Log Management AQL versions 1.x antérieures à 1.1.5

References

Title

Publication Time

FKIE_CVE-2025-66412

Vulnerability from fkie_nvd - Published: 2025-12-01 23:15 - Updated: 2026-06-02 14:16

Severity

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/angular/angular/commit/1c6b0704fb63d051fab8acff84d076abfbc4893a	Patch
security-advisories@github.com	https://github.com/angular/angular/security/advisories/GHSA-v4hv-rgfq-gp49	Third Party Advisory
0b142b55-0307-4c5a-b3c9-f314f3fb7c5e	https://cert-portal.siemens.com/productcert/html/ssa-253495.html
0b142b55-0307-4c5a-b3c9-f314f3fb7c5e	https://cert-portal.siemens.com/productcert/html/ssa-485750.html

Impacted products

Vendor	Product	Version
angular	angular	*
angular	angular	*
angular	angular	*
angular	angular	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "B0857B9D-DDD4-42CC-B026-AF3B4081BD14",
              "versionEndIncluding": "18.2.14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "510711AC-A2E0-42FA-9A67-B77FC0C7FE2A",
              "versionEndExcluding": "19.2.17",
              "versionStartIncluding": "19.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "ADEEF44B-4624-444D-867A-D75B192FC413",
              "versionEndExcluding": "20.3.15",
              "versionStartIncluding": "20.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "4D7E1957-7450-48AA-8EEB-62D60EE9DABE",
              "versionEndExcluding": "21.0.2",
              "versionStartIncluding": "21.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler\u0027s internal security schema is incomplete, allowing attackers to bypass Angular\u0027s built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17."
    }
  ],
  "id": "CVE-2025-66412",
  "lastModified": "2026-06-02T14:16:37.280",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 8.5,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "ACTIVE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-12-01T23:15:53.890",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/angular/angular/commit/1c6b0704fb63d051fab8acff84d076abfbc4893a"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/angular/angular/security/advisories/GHSA-v4hv-rgfq-gp49"
    },
    {
      "source": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-253495.html"
    },
    {
      "source": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-485750.html"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

GHSA-V4HV-RGFQ-GP49

Vulnerability from github – Published: 2025-12-02 01:20 – Updated: 2025-12-02 01:20

Summary

Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes

Details

A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts.

Additionally, a related vulnerability exists involving SVG animation elements (<animate>, <set>, <animateMotion>, <animateTransform>). The attributeName attribute on these elements was not properly validated, allowing attackers to dynamically target security-sensitive attributes like href or xlink:href on other elements. By binding attributeName to "href" and providing a javascript: URL in the values or to attribute, an attacker could bypass sanitization and execute arbitrary code.

Attributes confirmed to be vulnerable include: * SVG-related attributes: (e.g., xlink:href), and various MathML attributes (e.g., math|href, annotation|href). * SVG animation attributeName attribute when bound to "href" or "xlink:href".

When template binding is used to assign untrusted, user-controlled data to these attributes (e.g., [attr.xlink:href]="maliciousURL" or <animate [attributeName]="'href'" [values]="maliciousURL">), the compiler incorrectly falls back to a non-sanitizing context or fails to block the dangerous attribute assignment. This allows an attacker to inject a javascript:URL payload. Upon user interaction (like a click) on the element, or automatically in the case of animations, the malicious JavaScript executes in the context of the application's origin.

Impact

When exploited, this vulnerability allows an attacker to execute arbitrary code within the context of the vulnerable application's domain. This enables:

Session Hijacking: Stealing session cookies and authentication tokens.
Data Exfiltration: Capturing and transmitting sensitive user data.
Unauthorized Actions: Performing actions on behalf of the user.

Patches

19.2.17
20.3.15
21.0.2

Attack Preconditions

The victim's Angular application must render data derived from untrusted input (e.g., from a database or API) and bind it to one of the unsanitized URL attributes or the attributeName of an SVG animation element.
The victim must perform a user interaction (e.g., clicking) on the compromised element for the stored script to execute, or the animation must trigger the execution.

Workarounds

If you cannot upgrade, you can workaround the issue by ensuring that any data bound to the vulnerable attributes is never sourced from untrusted user input (e.g., database, API response, URL parameters).

Avoid Affected Template Bindings: Specifically avoid using template bindings (e.g., [attr.xlink:href]="maliciousURL") to assign untrusted data to the vulnerable SVG/MathML attributes.
Avoid Dynamic attributeName on SVG Animations: Do not bind untrusted data to the attributeName attribute of SVG animation elements (<animate>, <set>, etc.).
Enable Content Security Policy (CSP): Configure a robust CSP header that disallows javascript: URLs.

Severity

8.5 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "@angular/compiler"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "21.0.0-next.0"
            },
            {
              "fixed": "21.0.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@angular/compiler"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "20.0.0-next.0"
            },
            {
              "fixed": "20.3.15"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@angular/compiler"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "19.0.0-next.0"
            },
            {
              "fixed": "19.2.17"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "@angular/compiler"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "18.2.14"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-66412"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-12-02T01:20:30Z",
    "nvd_published_at": "2025-12-01T23:15:53Z",
    "severity": "HIGH"
  },
  "details": "A **Stored Cross-Site Scripting ([XSS](https://angular.dev/best-practices/security#preventing-cross-site-scripting-xss))** vulnerability has been identified in the **Angular Template Compiler**. It occurs because the compiler\u0027s internal security schema is incomplete, allowing attackers to bypass Angular\u0027s built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain [`javascript:` URLs](https://developer.mozilla.org/en-US/Web/URI/Reference/Schemes/javascript)) as requiring strict URL security, enabling the injection of malicious scripts.\n\nAdditionally, a related vulnerability exists involving SVG animation elements (`\u003canimate\u003e`, `\u003cset\u003e`, `\u003canimateMotion\u003e`, `\u003canimateTransform\u003e`). The `attributeName` attribute on these elements was not properly validated, allowing attackers to dynamically target security-sensitive attributes like `href` or `xlink:href` on other elements. By binding `attributeName` to \"href\" and providing a `javascript:` URL in the `values` or `to` attribute, an attacker could bypass sanitization and execute arbitrary code.\n\nAttributes confirmed to be vulnerable include:\n*   SVG-related attributes: (e.g., `xlink:href`), and various MathML attributes (e.g., `math|href`, `annotation|href`).\n*   SVG animation `attributeName` attribute when bound to \"href\" or \"xlink:href\".\n\nWhen template binding is used to assign untrusted, user-controlled data to these attributes (e.g., `[attr.xlink:href]=\"maliciousURL\"` or `\u003canimate [attributeName]=\"\u0027href\u0027\" [values]=\"maliciousURL\"\u003e`), the compiler incorrectly falls back to a non-sanitizing context or fails to block the dangerous attribute assignment. This allows an attacker to inject a `javascript:URL` payload. Upon user interaction (like a click) on the element, or automatically in the case of animations, the malicious JavaScript executes in the context of the application\u0027s origin.\n\n### Impact\n\nWhen exploited, this vulnerability allows an attacker to execute arbitrary code within the context of the vulnerable application\u0027s domain. This enables:\n\n* **Session Hijacking:** Stealing session cookies and authentication tokens.  \n* **Data Exfiltration:** Capturing and transmitting sensitive user data.  \n* **Unauthorized Actions:** Performing actions on behalf of the user.\n\n### Patches\n\n- 19.2.17\n- 20.3.15\n- 21.0.2\n\n### Attack Preconditions\n\n* The victim\u0027s Angular application must render data derived from **untrusted input** (e.g., from a database or API) and bind it to one of the unsanitized URL attributes or the `attributeName` of an SVG animation element.\n* The victim must perform a **user interaction** (e.g., clicking) on the compromised element for the stored script to execute, or the animation must trigger the execution.\n\n### Workarounds\n\nIf you cannot upgrade, you can workaround the issue by ensuring that any data bound to the vulnerable attributes is never sourced from untrusted user input (e.g., database, API response, URL parameters).\n\n* **Avoid Affected Template Bindings:** Specifically avoid using template bindings (e.g., `[attr.xlink:href]=\"maliciousURL\"`) to assign untrusted data to the vulnerable SVG/MathML attributes.\n* **Avoid Dynamic `attributeName` on SVG Animations:** Do not bind untrusted data to the `attributeName` attribute of SVG animation elements (`\u003canimate\u003e`, `\u003cset\u003e`, etc.).\n* **Enable [Content Security Policy (CSP)](https://angular.dev/best-practices/security#content-security-policy):** Configure a robust CSP header that disallows `javascript:` URLs.",
  "id": "GHSA-v4hv-rgfq-gp49",
  "modified": "2025-12-02T01:20:31Z",
  "published": "2025-12-02T01:20:30Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/angular/angular/security/advisories/GHSA-v4hv-rgfq-gp49"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66412"
    },
    {
      "type": "WEB",
      "url": "https://github.com/angular/angular/commit/1c6b0704fb63d051fab8acff84d076abfbc4893a"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/angular/angular"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes"
}

ICSA-26-071-03

Vulnerability from csaf_cisa - Published: 2026-03-10 00:00 - Updated: 2026-03-12 06:00

Summary

Siemens SIDIS Prime

Notes

Summary: SIDIS Prime before V4.0.800 is affected by multiple vulnerabilities in the components OpenSSL, SQLite, and several Node.js packages as described below. Siemens has released a new version of SIDIS Prime and recommends to update to the latest version.

General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity

Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Terms of Use: The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.

Legal Notice and Terms of Use: This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).

Advisory Conversion Disclaimer: This ICSA is a verbatim republication of Siemens ProductCERT SSA-485750 from a direct conversion of the vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided "as-is" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.

Critical infrastructure sectors: Critical Manufacturing

Countries/areas deployed: Worldwide

Company headquarters location: Germany

Recommended Practices: CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.

Recommended Practices: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.

Recommended Practices: Locate control system networks and remote devices behind firewalls and isolate them from business networks.

Recommended Practices: When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.

Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

CVE-2024-29857

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2024-30171

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-203 - Observable Discrepancy

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2024-30172

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2024-41996

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-295 - Improper Certificate Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-6965

7.7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L

CWE-197 - Numeric Truncation Error

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-7783

8.7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

CWE-330 - Use of Insufficiently Random Values

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-9230

5.6 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-787 - Out-of-bounds Write

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-9232

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-9670

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-1333 - Inefficient Regular Expression Complexity

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-12816

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

CWE-436 - Interpretation Conflict

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-15284

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-58751

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-58752

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

CWE-23 - Relative Path Traversal

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-58754

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-62522

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-64718

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-64756

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-66030

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-66031

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-674 - Uncontrolled Recursion

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-66035

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CWE-201 - Insertion of Sensitive Information Into Sent Data

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-66412

8.0 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-69277

4.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

CWE-184 - Incomplete List of Disallowed Inputs

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2026-22610

8.0 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

References

67 references

URL	Category
https://cert-portal.siemens.com/productcert/csaf/…	self
https://cert-portal.siemens.com/productcert/html/…	self
https://raw.githubusercontent.com/cisagov/CSAF/de…	self
https://www.cisa.gov/news-events/ics-advisories/i…	self
https://www.cisa.gov/news-events/ics-alerts/ics-a…	external
https://www.cisa.gov/resources-tools/resources/ic…	external
https://www.cisa.gov/topics/industrial-control-systems	external
https://www.cisa.gov/sites/default/files/recommen…	external
https://www.cisa.gov/sites/default/files/publicat…	external
https://www.cisa.gov/news-events/news/targeted-cy…	external
https://www.cve.org/CVERecord?id=CVE-2024-29857	external
https://cwe.mitre.org/data/definitions/125.html	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://www.cve.org/CVERecord?id=CVE-2024-30171	external
https://cwe.mitre.org/data/definitions/203.html	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://www.cve.org/CVERecord?id=CVE-2024-30172	external
https://cwe.mitre.org/data/definitions/20.html	external
https://www.cve.org/CVERecord?id=CVE-2024-41996	external
https://cwe.mitre.org/data/definitions/295.html	external
https://www.cve.org/CVERecord?id=CVE-2025-6965	external
https://cwe.mitre.org/data/definitions/197.html	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://www.cve.org/CVERecord?id=CVE-2025-7783	external
https://cwe.mitre.org/data/definitions/330.html	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://www.cve.org/CVERecord?id=CVE-2025-9230	external
https://cwe.mitre.org/data/definitions/787.html	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://www.cve.org/CVERecord?id=CVE-2025-9232	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://www.cve.org/CVERecord?id=CVE-2025-9670	external
https://cwe.mitre.org/data/definitions/1333.html	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://www.cve.org/CVERecord?id=CVE-2025-12816	external
https://cwe.mitre.org/data/definitions/436.html	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://www.cve.org/CVERecord?id=CVE-2025-15284	external
https://www.cve.org/CVERecord?id=CVE-2025-58751	external
https://cwe.mitre.org/data/definitions/22.html	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://www.cve.org/CVERecord?id=CVE-2025-58752	external
https://cwe.mitre.org/data/definitions/23.html	external
https://www.cve.org/CVERecord?id=CVE-2025-58754	external
https://cwe.mitre.org/data/definitions/770.html	external
https://www.cve.org/CVERecord?id=CVE-2025-62522	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://www.cve.org/CVERecord?id=CVE-2025-64718	external
https://cwe.mitre.org/data/definitions/1321.html	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://www.cve.org/CVERecord?id=CVE-2025-64756	external
https://cwe.mitre.org/data/definitions/78.html	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://www.cve.org/CVERecord?id=CVE-2025-66030	external
https://cwe.mitre.org/data/definitions/190.html	external
https://www.cve.org/CVERecord?id=CVE-2025-66031	external
https://cwe.mitre.org/data/definitions/674.html	external
https://www.cve.org/CVERecord?id=CVE-2025-66035	external
https://cwe.mitre.org/data/definitions/201.html	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://www.cve.org/CVERecord?id=CVE-2025-66412	external
https://cwe.mitre.org/data/definitions/79.html	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://www.cve.org/CVERecord?id=CVE-2025-69277	external
https://cwe.mitre.org/data/definitions/184.html	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://www.cve.org/CVERecord?id=CVE-2026-22610	external

Acknowledgments

Siemens ProductCERT

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Siemens ProductCERT",
        "summary": "reported these vulnerabilities to CISA."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "SIDIS Prime before V4.0.800 is affected by multiple vulnerabilities in the components OpenSSL, SQLite, and several Node.js packages as described below.\n\nSiemens has released a new version of SIDIS Prime and recommends to update to the latest version.",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
        "title": "Terms of Use"
      },
      {
        "category": "legal_disclaimer",
        "text": "This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy \u0026 Use policy (https://www.cisa.gov/privacy-policy).",
        "title": "Legal Notice and Terms of Use"
      },
      {
        "category": "other",
        "text": "This ICSA is a verbatim republication of Siemens ProductCERT SSA-485750 from a direct conversion of the vendor\u0027s Common Security Advisory Framework (CSAF) advisory. This is republished to CISA\u0027s website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory.  Further, CISA does not endorse any commercial product or service.  Please contact Siemens ProductCERT directly for any questions regarding this advisory.",
        "title": "Advisory Conversion Disclaimer"
      },
      {
        "category": "other",
        "text": "Critical Manufacturing",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-485750.json"
      },
      {
        "category": "self",
        "summary": "SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-485750.html"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-26-071-03 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-26-071-03.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-26-071-03 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-03"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b"
      }
    ],
    "title": "Siemens SIDIS Prime",
    "tracking": {
      "current_release_date": "2026-03-12T06:00:00.000000Z",
      "generator": {
        "date": "2026-03-11T20:56:12.127996Z",
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.5.0"
        }
      },
      "id": "ICSA-26-071-03",
      "initial_release_date": "2026-03-10T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2026-03-10T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2026-03-12T06:00:00.000000Z",
          "legacy_version": "CISA Republication",
          "number": "2",
          "summary": "Initial CISA Republication of Siemens ProductCERT SSA-485750 advisory"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003c4.0.800",
                "product": {
                  "name": "SIDIS Prime",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "SIDIS Prime"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-29857",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/125.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2024-29857"
    },
    {
      "cve": "CVE-2024-30171",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/203.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2024-30171"
    },
    {
      "cve": "CVE-2024-30172",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/20.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2024-30172"
    },
    {
      "cve": "CVE-2024-41996",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-41996"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/295.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2024-41996"
    },
    {
      "cve": "CVE-2025-6965",
      "cwe": {
        "id": "CWE-197",
        "name": "Numeric Truncation Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/197.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2025-6965"
    },
    {
      "cve": "CVE-2025-7783",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js.\r\n\r\nThis issue affects form-data: \u003c 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/330.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2025-7783"
    },
    {
      "cve": "CVE-2025-9230",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code. Although the consequences of a successful exploit of this vulnerability could be severe, the probability that the attacker would be able to perform it is low. Besides, password based (PWRI) encryption support in CMS messages is very rarely used. For that reason the issue was assessed as Moderate severity according to our Security Policy. The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/787.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2025-9230"
    },
    {
      "cve": "CVE-2025-9232",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: An application using the OpenSSL HTTP client API functions may\ntrigger an out-of-bounds read if the \u0027no_proxy\u0027 environment variable is set and\nthe host portion of the authority component of the HTTP URL is an IPv6 address.\n\nImpact summary: An out-of-bounds read can trigger a crash which leads to\nDenial of Service for an application.\n\nThe OpenSSL HTTP client API functions can be used directly by applications\nbut they are also used by the OCSP client functions and CMP (Certificate\nManagement Protocol) client implementation in OpenSSL. However the URLs used\nby these implementations are unlikely to be controlled by an attacker.\n\nIn this vulnerable code the out of bounds read can only trigger a crash.\nFurthermore the vulnerability requires an attacker-controlled URL to be\npassed from an application to the OpenSSL function and the user has to have\na \u0027no_proxy\u0027 environment variable set. For the aforementioned reasons the\nissue was assessed as Low severity.\n\nThe vulnerable code was introduced in the following patch releases:\n3.0.16, 3.1.8, 3.2.4, 3.3.3, 3.4.0 and 3.5.0.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the HTTP client implementation is outside the OpenSSL FIPS module\nboundary.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/125.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2025-9232"
    },
    {
      "cve": "CVE-2025-9670",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A security flaw has been discovered in mixmark-io turndown up to 7.2.1. This affects an unknown function of the file src/commonmark-rules.js. Performing manipulation results in inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-9670"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/1333.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2025-9670"
    },
    {
      "cve": "CVE-2025-12816",
      "cwe": {
        "id": "CWE-436",
        "name": "Interpretation Conflict"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/436.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2025-12816"
    },
    {
      "cve": "CVE-2025-15284",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Improper Input Validation vulnerability in qs (parse modules) allows HTTP DoS.This issue affects qs: \u003c 6.14.1.\n\n\nSummaryThe arrayLimit\u00a0option in qs does not enforce limits for bracket notation (a[]=1\u0026a[]=2), allowing attackers to cause denial-of-service via memory exhaustion. Applications using arrayLimit\u00a0for DoS protection are vulnerable.\n\nDetailsThe arrayLimit\u00a0option only checks limits for indexed notation (a[0]=1\u0026a[1]=2) but completely bypasses it for bracket notation (a[]=1\u0026a[]=2).\n\nVulnerable code\u00a0(lib/parse.js:159-162):\n\nif (root === \u0027[]\u0027 \u0026\u0026 options.parseArrays) {\n    obj = utils.combine([], leaf);  // No arrayLimit check\n}\n\n\n\n\n\nWorking code\u00a0(lib/parse.js:175):\n\nelse if (index \u003c= options.arrayLimit) {  // Limit checked here\n    obj = [];\n    obj[index] = leaf;\n}\n\n\n\n\n\nThe bracket notation handler at line 159 uses utils.combine([], leaf)\u00a0without validating against options.arrayLimit, while indexed notation at line 175 checks index \u003c= options.arrayLimit\u00a0before creating arrays.\n\nPoCTest 1 - Basic bypass:\n\nnpm install qs\n\n\n\n\n\nconst qs = require(\u0027qs\u0027);\nconst result = qs.parse(\u0027a[]=1\u0026a[]=2\u0026a[]=3\u0026a[]=4\u0026a[]=5\u0026a[]=6\u0027, { arrayLimit: 5 });\nconsole.log(result.a.length);  // Output: 6 (should be max 5)\n\n\n\n\n\nTest 2 - DoS demonstration:\n\nconst qs = require(\u0027qs\u0027);\nconst attack = \u0027a[]=\u0027 + Array(10000).fill(\u0027x\u0027).join(\u0027\u0026a[]=\u0027);\nconst result = qs.parse(attack, { arrayLimit: 100 });\nconsole.log(result.a.length);  // Output: 10000 (should be max 100)\n\n\n\n\n\nConfiguration:\n\n  *  arrayLimit: 5\u00a0(test 1) or arrayLimit: 100\u00a0(test 2)\n  *  Use bracket notation: a[]=value\u00a0(not indexed a[0]=value)\n\n\nImpactDenial of Service via memory exhaustion. Affects applications using qs.parse()\u00a0with user-controlled input and arrayLimit\u00a0for protection.\n\nAttack scenario:\n\n  *  Attacker sends HTTP request: GET /api/search?filters[]=x\u0026filters[]=x\u0026...\u0026filters[]=x\u00a0(100,000+ times)\n  *  Application parses with qs.parse(query, { arrayLimit: 100 })\n  *  qs ignores limit, parses all 100,000 elements into array\n  *  Server memory exhausted \u2192 application crashes or becomes unresponsive\n  *  Service unavailable for all users\nReal-world impact:\n\n  *  Single malicious request can crash server\n  *  No authentication required\n  *  Easy to automate and scale\n  *  Affects any endpoint parsing query strings with bracket notation",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/20.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2025-15284"
    },
    {
      "cve": "CVE-2025-58751",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Vite is a frontend tooling framework for JavaScript. Prior to versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20, files starting with the same name with the public directory were served bypassing the `server.fs` settings. Only apps that explicitly expose the Vite dev server to the network (using --host or `server.host` config option), use the public directory feature (enabled by default), and have a symlink in the public directory are affected. Versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20 fix the issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-58751"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/22.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2025-58751"
    },
    {
      "cve": "CVE-2025-58752",
      "cwe": {
        "id": "CWE-23",
        "name": "Relative Path Traversal"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Vite is a frontend tooling framework for JavaScript. Prior to versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20, any HTML files on the machine were served regardless of the `server.fs` settings. Only apps that explicitly expose the Vite dev server to the network (using --host or server.host config option) and use `appType: \u0027spa\u0027` (default) or `appType: \u0027mpa\u0027` are affected. This vulnerability also affects the preview server. The preview server allowed HTML files not under the output directory to be served. Versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20 fix the issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-58752"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/23.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2025-58752"
    },
    {
      "cve": "CVE-2025-58754",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Axios is a promise based HTTP client for the browser and Node.js. When Axios starting in version 0.28.0 and prior to versions 0.30.2 and 1.12.0 runs on Node.js and is given a URL with the `data:` scheme, it does not perform HTTP. Instead, its Node http adapter decodes the entire payload into memory (`Buffer`/`Blob`) and returns a synthetic 200 response. This path ignores `maxContentLength` / `maxBodyLength` (which only protect HTTP responses), so an attacker can supply a very large `data:` URI and cause the process to allocate unbounded memory and crash (DoS), even if the caller requested `responseType: \u0027stream\u0027`. Versions 0.30.2 and 1.12.0 contain a patch for the issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/770.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2025-58754"
    },
    {
      "cve": "CVE-2025-62522",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Vite is a frontend tooling framework for JavaScript. In versions from 2.9.18 to before 3.0.0, 3.2.9 to before 4.0.0, 4.5.3 to before 5.0.0, 5.2.6 to before 5.4.21, 6.0.0 to before 6.4.1, 7.0.0 to before 7.0.8, and 7.1.0 to before 7.1.11, files denied by server.fs.deny were sent if the URL ended with \\ when the dev server is running on Windows. Only apps explicitly exposing the Vite dev server to the network and running the dev server on Windows were affected. This issue has been patched in versions 5.4.21, 6.4.1, 7.0.8, and 7.1.11.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-62522"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/22.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2025-62522"
    },
    {
      "cve": "CVE-2025-64718",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it\u0027s possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution (`__proto__`). All users who parse untrusted yaml documents may be impacted. The problem is patched in js-yaml 4.1.1 and 3.14.2. Users can protect against this kind of attack on the server by using `node --disable-proto=delete` or `deno` (in Deno, pollution protection is on by default).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-64718"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/1321.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2025-64718"
    },
    {
      "cve": "CVE-2025-64756",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c \u003ccommand\u003e \u003cpatterns\u003e are used, matched filenames are passed to a shell with shell: true, enabling shell metacharacters in filenames to trigger command injection and achieve arbitrary code execution under the user or CI account privileges. This issue has been patched in versions 10.5.0 and 11.1.0.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-64756"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/78.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2025-64756"
    },
    {
      "cve": "CVE-2025-66030",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-66030"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/190.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2025-66030"
    },
    {
      "cve": "CVE-2025-66031",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/674.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2025-66031"
    },
    {
      "cve": "CVE-2025-66035",
      "cwe": {
        "id": "CWE-201",
        "name": "Insertion of Sensitive Information Into Sent Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular\u0027s HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-66035"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/201.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2025-66035"
    },
    {
      "cve": "CVE-2025-66412",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler\u0027s internal security schema is incomplete, allowing attackers to bypass Angular\u0027s built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-66412"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/79.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2025-66412"
    },
    {
      "cve": "CVE-2025-69277",
      "cwe": {
        "id": "CWE-184",
        "name": "Incomplete List of Disallowed Inputs"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren\u0027t in the main cryptographic group.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-69277"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/184.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2025-69277"
    },
    {
      "cve": "CVE-2026-22610",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting (XSS) vulnerability has been identified in the Angular Template Compiler. The vulnerability exists because Angular\u2019s internal sanitization schema fails to recognize the href and xlink:href attributes of SVG \u003cscript\u003e elements as a Resource URL context. This issue has been patched in versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-22610"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/79.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2026-22610"
    }
  ]
}

NCSC-2026-0079

Vulnerability from csaf_ncscnl - Published: 2026-03-10 12:39 - Updated: 2026-03-10 12:39

Summary

Kwetsbaarheden verholpen in Siemens producten

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten: Siemens heeft kwetsbaarheden verholpen in diverse producten als Heliox, Ruggedcom, SICAM, SIDIS en SIMATIC.

Interpretaties: De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: - Denial-of-Service (DoS) - Manipulatie van gegevens - Omzeilen van een beveiligingsmaatregel - (Remote) code execution (root/admin rechten) - Toegang tot systeemgegevens - Verhogen van rechten Voor succesvol misbruik van de genoemde kwetsbaarheden moet de kwaadwillende toegang hebben tot de productie-omgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.

Oplossingen: Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-20: Improper Input Validation

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-23: Relative Path Traversal

CWE-73: External Control of File Name or Path

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-121: Stack-based Buffer Overflow

CWE-125: Out-of-bounds Read

CWE-130: Improper Handling of Length Parameter Inconsistency

CWE-134: Use of Externally-Controlled Format String

CWE-179: Incorrect Behavior Order: Early Validation

CWE-184: Incomplete List of Disallowed Inputs

CWE-190: Integer Overflow or Wraparound

CWE-197: Numeric Truncation Error

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CWE-201: Insertion of Sensitive Information Into Sent Data

CWE-203: Observable Discrepancy

CWE-208: Observable Timing Discrepancy

CWE-284: Improper Access Control

CWE-288: Authentication Bypass Using an Alternate Path or Channel

CWE-295: Improper Certificate Validation

CWE-330: Use of Insufficiently Random Values

CWE-359: Exposure of Private Personal Information to an Unauthorized Actor

CWE-400: Uncontrolled Resource Consumption

CWE-404: Improper Resource Shutdown or Release

CWE-436: Interpretation Conflict

CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CWE-674: Uncontrolled Recursion

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-787: Out-of-bounds Write

CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

CWE-923: Improper Restriction of Communication Channel to Intended Endpoints

CWE-937: CWE-937

CWE-940: Improper Verification of Source of a Communication Channel

CWE-1035: CWE-1035

CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-1333: Inefficient Regular Expression Complexity

CVE-2024-29857

Multiple vulnerabilities across Oracle products, including Utilities Application Framework, Fusion Middleware, and WebLogic Server, allow unauthenticated attackers to execute denial of service attacks, with CVSS scores of 7.5 and varying damage ratings.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2024-30171

Multiple vulnerabilities across Oracle Utilities, WebLogic Server, and Bouncy Castle libraries allow for denial of service attacks and sensitive data leakage through timing side-channel exploits.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-208 - Observable Timing Discrepancy

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2024-30172

Multiple vulnerabilities across Oracle Utilities Application Framework, WebLogic Server, and Business Intelligence Enterprise Edition, as well as Bouncy Castle libraries, allow unauthenticated attackers to induce denial of service, with CVSS scores of 7.5 for Oracle products.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2024-41996

A vulnerability in the Diffie-Hellman Key Agreement Protocol in OpenSSL allows remote attackers to cause excessive server-side computational load by exploiting public key order validation with approved safe primes, addressed in updates fixing CVE-2023-50782 and CVE-2024-41996.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-295 - Improper Certificate Validation

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-6965

Critical vulnerabilities in Oracle Communications Cloud Native Core Unified Data Repository and Oracle Siebel CRM Cloud Applications allow unauthenticated attackers full system compromise, while multiple SQLite-related flaws affect various products including NetApp and Apple software, causing memory corruption and integer truncation issues.

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-197 - Numeric Truncation Error

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-7783

The form-data library's use of predictable random number generation for boundary values poses security risks, while vulnerabilities in HPE products allow for Remote Code Execution and Local Authentication Bypass.

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-330 - Use of Insufficiently Random Values

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-9230

Multiple OpenSSL versions have an out-of-bounds read/write vulnerability in RFC 3211 KEK unwrap related to password-based CMS decryption, with moderate severity due to low exploit likelihood, affecting products including NetApp, Oracle, and SAP components.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-9232

A low-severity out-of-bounds read vulnerability in OpenSSL HTTP client API occurs when the 'no_proxy' environment variable is set and the HTTP URL contains an IPv6 address, causing denial of service via application crash in multiple products including Oracle PeopleSoft and NetApp devices.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-9670

A security vulnerability in mixmark-io turndown up to version 7.2.1 allows remote attackers to exploit inefficient regular expression complexity in src/commonmark-rules.js, with a public exploit available.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-1333 - Inefficient Regular Expression Complexity

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-12816

This update addresses multiple golang exporter upgrades, fixes critical CVE-2025-12816 in Prometheus related to ASN.1 validation bypass in node-forge ≤1.3.1, and includes various bug fixes and optimizations across components like grafana, spacecmd, and uyuni-tools.

8.7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

CWE-436 - Interpretation Conflict

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-15284

The qs library's `arrayLimit` option fails to enforce limits on bracket notation arrays, enabling denial-of-service attacks via memory exhaustion by parsing large arrays from user input.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-27769

Affected devices exhibit improper access control, enabling attackers to potentially access unauthorized services via the charging cable interface.

2.6 (Low)


                        
                          CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

CWE-923 - Improper Restriction of Communication Channel to Intended Endpoints

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-40943

Certain devices contain a vulnerability where trace files are insufficiently sanitized, enabling attackers to execute code by deceiving users into importing malicious trace files.

9.6 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-55018

An HTTP request smuggling vulnerability in Fortinet FortiOS allows unauthenticated attackers to bypass firewall policies by sending specially crafted headers, potentially compromising security.

5.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-58751

Certain Vite applications allowed files in the public directory to be served without following `server.fs` settings, particularly when exposed to the network, with specific versions addressing this issue.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-58752

Vite versions prior to 7.1.5, 7.0.7, 6.3.6, and 5.4.20 contained a low-severity vulnerability allowing unauthorized access to HTML files outside configured directories via path traversal when the dev or preview server was exposed and appType was 'spa' or 'mpa'.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-58754

Axios is vulnerable to denial of service attacks due to unbounded memory allocation for `data:` URIs in versions prior to 0.30.2 and 1.12.0, with additional security issues noted in HPE and Oracle products.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-62439

A vulnerability in Fortinet FortiOS versions 7.0 through 7.6.4, specifically in the FSSO Terminal Services Agent, allows an authenticated user with knowledge of FSSO policy configurations to gain unauthorized access to protected network resources via crafted requests due to improper verification of the communication channel source.

4.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

CWE-940 - Improper Verification of Source of a Communication Channel

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-62522

Vite versions from 2.9.18 to 7.1.11 had a vulnerability on Windows allowing access to files denied by `server.fs.deny` if the URL ended with `\\`, which has been patched in later releases.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-64157

Fortinet FortiOS versions 7.0 through 7.6.4, including FortiGate devices, contain a CWE-134 externally-controlled format string vulnerability that allows an authenticated admin to execute unauthorized code or commands via crafted configurations.

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-134 - Use of Externally-Controlled Format String

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-64718

Multiple vulnerabilities have been identified in js-yaml, Oracle Communications Unified Assurance, and HPE Telco software, allowing for prototype pollution and unauthorized access, with varying severity and available patches.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-64756

The glob CLI has a command injection vulnerability in its `-c/--cmd` option, allowing arbitrary command execution through malicious filenames, which has been patched in versions 10.5.0 and 11.1.0.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-66030

An Integer Overflow vulnerability in node-forge versions up to 1.3.1 allows remote attackers to craft ASN.1 OIDs with oversized arcs that bypass security controls via 32-bit truncation, fixed in version 1.3.2.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-66031

An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below allows remote attackers to exploit ASN.1 structures, leading to Denial-of-Service via stack exhaustion during TLS connections or certificate parsing.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-674 - Uncontrolled Recursion

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-66035

The document outlines a vulnerability in Angular's HttpClient that allows unauthorized disclosure of the XSRF token due to improper handling of protocol-relative URLs, affecting versions prior to 19.2.16, 20.3.14, and 21.0.1.

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CWE-201 - Insertion of Sensitive Information Into Sent Data

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-66412

A Stored Cross-Site Scripting vulnerability in Angular Template Compiler prior to versions 21.0.2, 20.3.15, and 19.2.17 allows attackers to inject malicious scripts via improperly validated URL attributes and SVG elements.

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2025-69277

Libsodium versions prior to ad3004e contain vulnerabilities in the crypto_core_ed25519_is_valid_point function that cause improper validation of elliptic curve points, potentially allowing security bypasses in custom cryptographic scenarios.

4.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

CWE-184 - Incomplete List of Disallowed Inputs

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2026-22610

A Cross-Site Scripting (XSS) vulnerability in the Angular Template Compiler allows for arbitrary JavaScript execution via improperly sanitized SVG `<script>` attributes, affecting several Red Hat products with a moderate severity rating.

8.0 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2026-24858

Multiple Fortinet products including FortiAnalyzer, FortiManager, FortiOS, and FortiProxy have an authentication bypass vulnerability exploitable via FortiCloud SSO, allowing attackers with FortiCloud credentials to access other users' devices.

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C

CWE-288 - Authentication Bypass Using an Alternate Path or Channel

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2026-25569

An out-of-bounds write vulnerability in the SICAM SIAPP SDK could allow attackers to cause denial of service or execute arbitrary code, posing significant security risks.

7.4 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-787 - Out-of-bounds Write

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2026-25570

The SICAM SIAPP SDK contains a vulnerability caused by insufficient input validation, which may result in stack overflow, enabling potential code execution and denial of service attacks.

7.4 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-121 - Stack-based Buffer Overflow

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2026-25571

The SICAM SIAPP SDK client component contains a stack overflow vulnerability caused by insufficient maximum length checks on certain variables, which can result in process crashes and denial of service.

5.1 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-130 - Improper Handling of Length Parameter Inconsistency

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2026-25572

The SICAM SIAPP SDK server component contains a stack overflow vulnerability caused by insufficient maximum length checks on certain variables, which can result in process crashes and denial of service.

5.1 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-130 - Improper Handling of Length Parameter Inconsistency

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2026-25573

The application executes shell commands constructed from user input, exposing it to command injection vulnerabilities that can lead to full system compromise.

7.4 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-73 - External Control of File Name or Path

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

CVE-2026-25605

The application fails to properly validate file paths during deletion, enabling attackers to delete authorized files or sockets, potentially causing service disruption or denial of service.

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE-73 - External Control of File Name or Path

Affected products

Known affected 126 products

Product	Identifier	Version	Remediation
vers:unknown/* Siemens / Heliox Flex 180 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / Heliox Mobile DC 40 kW EV Charging Station		vers:unknown/*
vers:unknown/* Siemens / RUGGEDCOM APE1808		vers:unknown/*
vers:unknown/* Siemens / SICAM SIAPP SDK		vers:unknown/*
vers:unknown/* Siemens / SIDIS Prime		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1507S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S F V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S T V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S TF V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller CPU 1508S V4		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V2		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 Software Controller Linux V3		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-1500 TM MFP - GNU/Linux subsystem		vers:unknown/*
vers:unknown/* Siemens / SIMATIC S7-PLCSIM Advanced		vers:unknown/*

References

40 references

URL	Category
https://cert-portal.siemens.com/productcert/html/…	external
https://cert-portal.siemens.com/productcert/html/…	external
https://cert-portal.siemens.com/productcert/html/…	external
https://cert-portal.siemens.com/productcert/html/…	external
https://cert-portal.siemens.com/productcert/html/…	external
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Siemens heeft kwetsbaarheden verholpen in diverse producten als Heliox, Ruggedcom, SICAM, SIDIS en SIMATIC.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- (Remote) code execution (root/admin rechten)\n- Toegang tot systeemgegevens\n- Verhogen van rechten\n\nVoor succesvol misbruik van de genoemde kwetsbaarheden moet de kwaadwillende toegang hebben tot de productie-omgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico\u0027s zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Relative Path Traversal",
        "title": "CWE-23"
      },
      {
        "category": "general",
        "text": "External Control of File Name or Path",
        "title": "CWE-73"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
        "title": "CWE-78"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Improper Handling of Length Parameter Inconsistency",
        "title": "CWE-130"
      },
      {
        "category": "general",
        "text": "Use of Externally-Controlled Format String",
        "title": "CWE-134"
      },
      {
        "category": "general",
        "text": "Incorrect Behavior Order: Early Validation",
        "title": "CWE-179"
      },
      {
        "category": "general",
        "text": "Incomplete List of Disallowed Inputs",
        "title": "CWE-184"
      },
      {
        "category": "general",
        "text": "Integer Overflow or Wraparound",
        "title": "CWE-190"
      },
      {
        "category": "general",
        "text": "Numeric Truncation Error",
        "title": "CWE-197"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Insertion of Sensitive Information Into Sent Data",
        "title": "CWE-201"
      },
      {
        "category": "general",
        "text": "Observable Discrepancy",
        "title": "CWE-203"
      },
      {
        "category": "general",
        "text": "Observable Timing Discrepancy",
        "title": "CWE-208"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Authentication Bypass Using an Alternate Path or Channel",
        "title": "CWE-288"
      },
      {
        "category": "general",
        "text": "Improper Certificate Validation",
        "title": "CWE-295"
      },
      {
        "category": "general",
        "text": "Use of Insufficiently Random Values",
        "title": "CWE-330"
      },
      {
        "category": "general",
        "text": "Exposure of Private Personal Information to an Unauthorized Actor",
        "title": "CWE-359"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Interpretation Conflict",
        "title": "CWE-436"
      },
      {
        "category": "general",
        "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
        "title": "CWE-444"
      },
      {
        "category": "general",
        "text": "Uncontrolled Recursion",
        "title": "CWE-674"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
        "title": "CWE-835"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Communication Channel to Intended Endpoints",
        "title": "CWE-923"
      },
      {
        "category": "general",
        "text": "CWE-937",
        "title": "CWE-937"
      },
      {
        "category": "general",
        "text": "Improper Verification of Source of a Communication Channel",
        "title": "CWE-940"
      },
      {
        "category": "general",
        "text": "CWE-1035",
        "title": "CWE-1035"
      },
      {
        "category": "general",
        "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
        "title": "CWE-1321"
      },
      {
        "category": "general",
        "text": "Inefficient Regular Expression Complexity",
        "title": "CWE-1333"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-126399.html"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-452276.html"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-485750.html"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-903736.html"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-975644.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Siemens producten",
    "tracking": {
      "current_release_date": "2026-03-10T12:39:14.474522Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.3"
        }
      },
      "id": "NCSC-2026-0079",
      "initial_release_date": "2026-03-10T12:39:14.474522Z",
      "revision_history": [
        {
          "date": "2026-03-10T12:39:14.474522Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1"
                }
              }
            ],
            "category": "product_name",
            "name": "Heliox Flex 180 kW EV Charging Station"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-2"
                }
              }
            ],
            "category": "product_name",
            "name": "Heliox Mobile DC 40 kW EV Charging Station"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-3"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM APE1808"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-4"
                }
              }
            ],
            "category": "product_name",
            "name": "SICAM SIAPP SDK"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-5"
                }
              }
            ],
            "category": "product_name",
            "name": "SIDIS Prime"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-6"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-7"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-8"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-9"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-10"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-11"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DK03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-12"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-13"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-14"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-15"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DM03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-16"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-17"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP CPU 1514SP-2 PN (6ES7514-2DN03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-18"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-19"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-20"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-21"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V2 CPUs - Windows OS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-22"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Industrial OS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-23"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) V3 CPUs - Windows OS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-24"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V2 CPUs - Windows OS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-25"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Industrial OS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-26"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC3 (incl. SIPLUS variants) V3 CPUs - Windows OS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-27"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-28"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-29"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK02-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-30"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-31"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-32"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CK01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-33"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-34"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-35"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK02-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-36"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-37"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TK01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-38"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-39"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UK01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-40"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-41"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-42"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CK01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-43"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-44"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-45"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL02-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-46"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-47"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-48"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL02-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-49"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-50"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RL00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-51"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-52"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1513pro F-2 PN (6ES7513-2GM03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-53"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-54"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-55"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM02-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-56"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-57"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-58"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM02-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-59"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-60"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RM00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-61"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-62"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TM01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-63"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-64"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UM01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-65"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-66"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-67"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN02-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-68"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-69"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-70"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN02-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-71"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-72"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1516T-3 PN (6ES7516-3TP10-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-73"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-74"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1516TF-3 PN (6ES7516-3UP10-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-75"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-76"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1516pro F-2 PN (6ES7516-2GP03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-77"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1516pro-2 PN (6ES7516-2PP03-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-78"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1517-3 PN (6ES7517-3AQ10-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-79"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-80"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1517F-3 PN (6ES7517-3FQ10-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-81"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-82"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-83"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1517H-3 PN (6ES7517-3HP00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-84"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1517H-4 PN (6ES7517-4HQ10-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-85"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1517T-3 PN (6ES7517-3TQ10-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-86"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-87"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1517TF-3 PN (6ES7517-3UQ10-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-88"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-89"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518-3 PN (6ES7518-3AT10-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-90"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-91"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-92"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-93"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518F-3 PN (6ES7518-3FT10-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-94"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-95"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-96"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-97"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JP00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-98"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518HF-4 PN (6ES7518-4JT10-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-99"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518T-3 PN (6ES7518-3TT10-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-100"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-101"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518TF-3 PN (6ES7518-3UT10-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-102"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-103"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK (6ES7518-4AP00-3AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-104"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK (6ES7518-4FP00-3AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-105"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN (6ES7513-2GL00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-106"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN (6ES7513-2PL00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-107"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN (6ES7516-2GN00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-108"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN (6ES7516-2PN00-0AB0)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-109"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 Software Controller CPU 1507S F V2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-110"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 Software Controller CPU 1507S F V3"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-111"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 Software Controller CPU 1507S F V4"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-112"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 Software Controller CPU 1507S V2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-113"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 Software Controller CPU 1507S V3"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-114"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 Software Controller CPU 1507S V4"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-115"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 Software Controller CPU 1508S F V2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-116"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 Software Controller CPU 1508S F V3"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-117"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 Software Controller CPU 1508S F V4"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-118"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 Software Controller CPU 1508S T V3"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-119"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 Software Controller CPU 1508S TF V3"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-120"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 Software Controller CPU 1508S V2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-121"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 Software Controller CPU 1508S V3"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-122"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 Software Controller CPU 1508S V4"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-123"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 Software Controller Linux V2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-124"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 Software Controller Linux V3"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-125"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-126"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC S7-PLCSIM Advanced"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-29857",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities across Oracle products, including Utilities Application Framework, Fusion Middleware, and WebLogic Server, allow unauthenticated attackers to execute denial of service attacks, with CVSS scores of 7.5 and varying damage ratings.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29857 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-29857.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2024-29857"
    },
    {
      "cve": "CVE-2024-30171",
      "cwe": {
        "id": "CWE-208",
        "name": "Observable Timing Discrepancy"
      },
      "notes": [
        {
          "category": "other",
          "text": "Observable Timing Discrepancy",
          "title": "CWE-208"
        },
        {
          "category": "other",
          "text": "Observable Discrepancy",
          "title": "CWE-203"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities across Oracle Utilities, WebLogic Server, and Bouncy Castle libraries allow for denial of service attacks and sensitive data leakage through timing side-channel exploits.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-30171 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-30171.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2024-30171"
    },
    {
      "cve": "CVE-2024-30172",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
          "title": "CWE-835"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities across Oracle Utilities Application Framework, WebLogic Server, and Business Intelligence Enterprise Edition, as well as Bouncy Castle libraries, allow unauthenticated attackers to induce denial of service, with CVSS scores of 7.5 for Oracle products.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-30172 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-30172.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2024-30172"
    },
    {
      "cve": "CVE-2024-41996",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Certificate Validation",
          "title": "CWE-295"
        },
        {
          "category": "description",
          "text": "A vulnerability in the Diffie-Hellman Key Agreement Protocol in OpenSSL allows remote attackers to cause excessive server-side computational load by exploiting public key order validation with approved safe primes, addressed in updates fixing CVE-2023-50782 and CVE-2024-41996.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-41996 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-41996.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2024-41996"
    },
    {
      "cve": "CVE-2025-6965",
      "cwe": {
        "id": "CWE-197",
        "name": "Numeric Truncation Error"
      },
      "notes": [
        {
          "category": "other",
          "text": "Numeric Truncation Error",
          "title": "CWE-197"
        },
        {
          "category": "description",
          "text": "Critical vulnerabilities in Oracle Communications Cloud Native Core Unified Data Repository and Oracle Siebel CRM Cloud Applications allow unauthenticated attackers full system compromise, while multiple SQLite-related flaws affect various products including NetApp and Apple software, causing memory corruption and integer truncation issues.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-6965 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-6965.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-6965"
    },
    {
      "cve": "CVE-2025-7783",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Insufficiently Random Values",
          "title": "CWE-330"
        },
        {
          "category": "description",
          "text": "The form-data library\u0027s use of predictable random number generation for boundary values poses security risks, while vulnerabilities in HPE products allow for Remote Code Execution and Local Authentication Bypass.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-7783 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-7783.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-7783"
    },
    {
      "cve": "CVE-2025-9230",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "Multiple OpenSSL versions have an out-of-bounds read/write vulnerability in RFC 3211 KEK unwrap related to password-based CMS decryption, with moderate severity due to low exploit likelihood, affecting products including NetApp, Oracle, and SAP components.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-9230 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-9230.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-9230"
    },
    {
      "cve": "CVE-2025-9232",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "A low-severity out-of-bounds read vulnerability in OpenSSL HTTP client API occurs when the \u0027no_proxy\u0027 environment variable is set and the HTTP URL contains an IPv6 address, causing denial of service via application crash in multiple products including Oracle PeopleSoft and NetApp devices.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-9232 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-9232.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-9232"
    },
    {
      "cve": "CVE-2025-9670",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inefficient Regular Expression Complexity",
          "title": "CWE-1333"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "description",
          "text": "A security vulnerability in mixmark-io turndown up to version 7.2.1 allows remote attackers to exploit inefficient regular expression complexity in src/commonmark-rules.js, with a public exploit available.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-9670 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-9670.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-9670"
    },
    {
      "cve": "CVE-2025-12816",
      "cwe": {
        "id": "CWE-436",
        "name": "Interpretation Conflict"
      },
      "notes": [
        {
          "category": "other",
          "text": "Interpretation Conflict",
          "title": "CWE-436"
        },
        {
          "category": "other",
          "text": "Incorrect Behavior Order: Early Validation",
          "title": "CWE-179"
        },
        {
          "category": "description",
          "text": "This update addresses multiple golang exporter upgrades, fixes critical CVE-2025-12816 in Prometheus related to ASN.1 validation bypass in node-forge \u22641.3.1, and includes various bug fixes and optimizations across components like grafana, spacecmd, and uyuni-tools.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-12816 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-12816.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-12816"
    },
    {
      "cve": "CVE-2025-15284",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "The qs library\u0027s `arrayLimit` option fails to enforce limits on bracket notation arrays, enabling denial-of-service attacks via memory exhaustion by parsing large arrays from user input.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-15284 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-15284.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-15284"
    },
    {
      "cve": "CVE-2025-27769",
      "cwe": {
        "id": "CWE-923",
        "name": "Improper Restriction of Communication Channel to Intended Endpoints"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Communication Channel to Intended Endpoints",
          "title": "CWE-923"
        },
        {
          "category": "description",
          "text": "Affected devices exhibit improper access control, enabling attackers to potentially access unauthorized services via the charging cable interface.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-27769 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-27769.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.6,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-27769"
    },
    {
      "cve": "CVE-2025-40943",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        },
        {
          "category": "description",
          "text": "Certain devices contain a vulnerability where trace files are insufficiently sanitized, enabling attackers to execute code by deceiving users into importing malicious trace files.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-40943 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-40943.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-40943"
    },
    {
      "cve": "CVE-2025-55018",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        },
        {
          "category": "description",
          "text": "An HTTP request smuggling vulnerability in Fortinet FortiOS allows unauthenticated attackers to bypass firewall policies by sending specially crafted headers, potentially compromising security.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-55018 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55018.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-55018"
    },
    {
      "cve": "CVE-2025-58751",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "description",
          "text": "Certain Vite applications allowed files in the public directory to be served without following `server.fs` settings, particularly when exposed to the network, with specific versions addressing this issue.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-58751 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58751.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-58751"
    },
    {
      "cve": "CVE-2025-58752",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Relative Path Traversal",
          "title": "CWE-23"
        },
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "description",
          "text": "Vite versions prior to 7.1.5, 7.0.7, 6.3.6, and 5.4.20 contained a low-severity vulnerability allowing unauthorized access to HTML files outside configured directories via path traversal when the dev or preview server was exposed and appType was \u0027spa\u0027 or \u0027mpa\u0027.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-58752 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58752.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-58752"
    },
    {
      "cve": "CVE-2025-58754",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "Axios is vulnerable to denial of service attacks due to unbounded memory allocation for `data:` URIs in versions prior to 0.30.2 and 1.12.0, with additional security issues noted in HPE and Oracle products.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-58754 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58754.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-58754"
    },
    {
      "cve": "CVE-2025-62439",
      "cwe": {
        "id": "CWE-940",
        "name": "Improper Verification of Source of a Communication Channel"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Verification of Source of a Communication Channel",
          "title": "CWE-940"
        },
        {
          "category": "description",
          "text": "A vulnerability in Fortinet FortiOS versions 7.0 through 7.6.4, specifically in the FSSO Terminal Services Agent, allows an authenticated user with knowledge of FSSO policy configurations to gain unauthorized access to protected network resources via crafted requests due to improper verification of the communication channel source.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-62439 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-62439.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-62439"
    },
    {
      "cve": "CVE-2025-62522",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "Vite versions from 2.9.18 to 7.1.11 had a vulnerability on Windows allowing access to files denied by `server.fs.deny` if the URL ended with `\\\\`, which has been patched in later releases.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-62522 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-62522.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-62522"
    },
    {
      "cve": "CVE-2025-64157",
      "cwe": {
        "id": "CWE-134",
        "name": "Use of Externally-Controlled Format String"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Externally-Controlled Format String",
          "title": "CWE-134"
        },
        {
          "category": "description",
          "text": "Fortinet FortiOS versions 7.0 through 7.6.4, including FortiGate devices, contain a CWE-134 externally-controlled format string vulnerability that allows an authenticated admin to execute unauthorized code or commands via crafted configurations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-64157 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-64157.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-64157"
    },
    {
      "cve": "CVE-2025-64718",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities have been identified in js-yaml, Oracle Communications Unified Assurance, and HPE Telco software, allowing for prototype pollution and unauthorized access, with varying severity and available patches.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-64718 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-64718.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-64718"
    },
    {
      "cve": "CVE-2025-64756",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
          "title": "CWE-78"
        },
        {
          "category": "description",
          "text": "The glob CLI has a command injection vulnerability in its `-c/--cmd` option, allowing arbitrary command execution through malicious filenames, which has been patched in versions 10.5.0 and 11.1.0.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-64756 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-64756.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-64756"
    },
    {
      "cve": "CVE-2025-66030",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "description",
          "text": "An Integer Overflow vulnerability in node-forge versions up to 1.3.1 allows remote attackers to craft ASN.1 OIDs with oversized arcs that bypass security controls via 32-bit truncation, fixed in version 1.3.2.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-66030 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-66030.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-66030"
    },
    {
      "cve": "CVE-2025-66031",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Recursion",
          "title": "CWE-674"
        },
        {
          "category": "description",
          "text": "An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below allows remote attackers to exploit ASN.1 structures, leading to Denial-of-Service via stack exhaustion during TLS connections or certificate parsing.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-66031 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-66031.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-66031"
    },
    {
      "cve": "CVE-2025-66035",
      "cwe": {
        "id": "CWE-201",
        "name": "Insertion of Sensitive Information Into Sent Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insertion of Sensitive Information Into Sent Data",
          "title": "CWE-201"
        },
        {
          "category": "other",
          "text": "Exposure of Private Personal Information to an Unauthorized Actor",
          "title": "CWE-359"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "The document outlines a vulnerability in Angular\u0027s HttpClient that allows unauthorized disclosure of the XSRF token due to improper handling of protocol-relative URLs, affecting versions prior to 19.2.16, 20.3.14, and 21.0.1.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-66035 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-66035.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-66035"
    },
    {
      "cve": "CVE-2025-66412",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "A Stored Cross-Site Scripting vulnerability in Angular Template Compiler prior to versions 21.0.2, 20.3.15, and 19.2.17 allows attackers to inject malicious scripts via improperly validated URL attributes and SVG elements.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-66412 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-66412.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-66412"
    },
    {
      "cve": "CVE-2025-69277",
      "cwe": {
        "id": "CWE-184",
        "name": "Incomplete List of Disallowed Inputs"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incomplete List of Disallowed Inputs",
          "title": "CWE-184"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "Libsodium versions prior to ad3004e contain vulnerabilities in the crypto_core_ed25519_is_valid_point function that cause improper validation of elliptic curve points, potentially allowing security bypasses in custom cryptographic scenarios.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-69277 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-69277.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2025-69277"
    },
    {
      "cve": "CVE-2026-22610",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        },
        {
          "category": "other",
          "text": "CWE-1035",
          "title": "CWE-1035"
        },
        {
          "category": "other",
          "text": "CWE-937",
          "title": "CWE-937"
        },
        {
          "category": "description",
          "text": "A Cross-Site Scripting (XSS) vulnerability in the Angular Template Compiler allows for arbitrary JavaScript execution via improperly sanitized SVG `\u003cscript\u003e` attributes, affecting several Red Hat products with a moderate severity rating.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-22610 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-22610.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2026-22610"
    },
    {
      "cve": "CVE-2026-24858",
      "cwe": {
        "id": "CWE-288",
        "name": "Authentication Bypass Using an Alternate Path or Channel"
      },
      "notes": [
        {
          "category": "other",
          "text": "Authentication Bypass Using an Alternate Path or Channel",
          "title": "CWE-288"
        },
        {
          "category": "description",
          "text": "Multiple Fortinet products including FortiAnalyzer, FortiManager, FortiOS, and FortiProxy have an authentication bypass vulnerability exploitable via FortiCloud SSO, allowing attackers with FortiCloud credentials to access other users\u0027 devices.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-24858 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24858.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2026-24858"
    },
    {
      "cve": "CVE-2026-25569",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "description",
          "text": "An out-of-bounds write vulnerability in the SICAM SIAPP SDK could allow attackers to cause denial of service or execute arbitrary code, posing significant security risks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-25569 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25569.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2026-25569"
    },
    {
      "cve": "CVE-2026-25570",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "description",
          "text": "The SICAM SIAPP SDK contains a vulnerability caused by insufficient input validation, which may result in stack overflow, enabling potential code execution and denial of service attacks.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-25570 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25570.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2026-25570"
    },
    {
      "cve": "CVE-2026-25571",
      "cwe": {
        "id": "CWE-130",
        "name": "Improper Handling of Length Parameter Inconsistency"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Length Parameter Inconsistency",
          "title": "CWE-130"
        },
        {
          "category": "description",
          "text": "The SICAM SIAPP SDK client component contains a stack overflow vulnerability caused by insufficient maximum length checks on certain variables, which can result in process crashes and denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-25571 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25571.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2026-25571"
    },
    {
      "cve": "CVE-2026-25572",
      "cwe": {
        "id": "CWE-130",
        "name": "Improper Handling of Length Parameter Inconsistency"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Length Parameter Inconsistency",
          "title": "CWE-130"
        },
        {
          "category": "description",
          "text": "The SICAM SIAPP SDK server component contains a stack overflow vulnerability caused by insufficient maximum length checks on certain variables, which can result in process crashes and denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-25572 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25572.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2026-25572"
    },
    {
      "cve": "CVE-2026-25573",
      "cwe": {
        "id": "CWE-73",
        "name": "External Control of File Name or Path"
      },
      "notes": [
        {
          "category": "other",
          "text": "External Control of File Name or Path",
          "title": "CWE-73"
        },
        {
          "category": "description",
          "text": "The application executes shell commands constructed from user input, exposing it to command injection vulnerabilities that can lead to full system compromise.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-25573 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25573.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2026-25573"
    },
    {
      "cve": "CVE-2026-25605",
      "cwe": {
        "id": "CWE-73",
        "name": "External Control of File Name or Path"
      },
      "notes": [
        {
          "category": "other",
          "text": "External Control of File Name or Path",
          "title": "CWE-73"
        },
        {
          "category": "description",
          "text": "The application fails to properly validate file paths during deletion, enabling attackers to delete authorized files or sockets, potentially causing service disruption or denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10",
          "CSAFPID-11",
          "CSAFPID-12",
          "CSAFPID-13",
          "CSAFPID-14",
          "CSAFPID-15",
          "CSAFPID-16",
          "CSAFPID-17",
          "CSAFPID-18",
          "CSAFPID-19",
          "CSAFPID-20",
          "CSAFPID-21",
          "CSAFPID-22",
          "CSAFPID-23",
          "CSAFPID-24",
          "CSAFPID-25",
          "CSAFPID-26",
          "CSAFPID-27",
          "CSAFPID-28",
          "CSAFPID-29",
          "CSAFPID-30",
          "CSAFPID-31",
          "CSAFPID-32",
          "CSAFPID-33",
          "CSAFPID-34",
          "CSAFPID-35",
          "CSAFPID-36",
          "CSAFPID-37",
          "CSAFPID-38",
          "CSAFPID-39",
          "CSAFPID-40",
          "CSAFPID-41",
          "CSAFPID-42",
          "CSAFPID-43",
          "CSAFPID-44",
          "CSAFPID-45",
          "CSAFPID-46",
          "CSAFPID-47",
          "CSAFPID-48",
          "CSAFPID-49",
          "CSAFPID-50",
          "CSAFPID-51",
          "CSAFPID-52",
          "CSAFPID-53",
          "CSAFPID-54",
          "CSAFPID-55",
          "CSAFPID-56",
          "CSAFPID-57",
          "CSAFPID-58",
          "CSAFPID-59",
          "CSAFPID-60",
          "CSAFPID-61",
          "CSAFPID-62",
          "CSAFPID-63",
          "CSAFPID-64",
          "CSAFPID-65",
          "CSAFPID-66",
          "CSAFPID-67",
          "CSAFPID-68",
          "CSAFPID-69",
          "CSAFPID-70",
          "CSAFPID-71",
          "CSAFPID-72",
          "CSAFPID-73",
          "CSAFPID-74",
          "CSAFPID-75",
          "CSAFPID-76",
          "CSAFPID-77",
          "CSAFPID-78",
          "CSAFPID-79",
          "CSAFPID-80",
          "CSAFPID-81",
          "CSAFPID-82",
          "CSAFPID-83",
          "CSAFPID-84",
          "CSAFPID-85",
          "CSAFPID-86",
          "CSAFPID-87",
          "CSAFPID-88",
          "CSAFPID-89",
          "CSAFPID-90",
          "CSAFPID-91",
          "CSAFPID-92",
          "CSAFPID-93",
          "CSAFPID-94",
          "CSAFPID-95",
          "CSAFPID-96",
          "CSAFPID-97",
          "CSAFPID-98",
          "CSAFPID-99",
          "CSAFPID-100",
          "CSAFPID-101",
          "CSAFPID-102",
          "CSAFPID-103",
          "CSAFPID-104",
          "CSAFPID-105",
          "CSAFPID-106",
          "CSAFPID-107",
          "CSAFPID-108",
          "CSAFPID-109",
          "CSAFPID-110",
          "CSAFPID-111",
          "CSAFPID-112",
          "CSAFPID-113",
          "CSAFPID-114",
          "CSAFPID-115",
          "CSAFPID-116",
          "CSAFPID-117",
          "CSAFPID-118",
          "CSAFPID-119",
          "CSAFPID-120",
          "CSAFPID-121",
          "CSAFPID-122",
          "CSAFPID-123",
          "CSAFPID-124",
          "CSAFPID-125",
          "CSAFPID-126"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-25605 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25605.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10",
            "CSAFPID-11",
            "CSAFPID-12",
            "CSAFPID-13",
            "CSAFPID-14",
            "CSAFPID-15",
            "CSAFPID-16",
            "CSAFPID-17",
            "CSAFPID-18",
            "CSAFPID-19",
            "CSAFPID-20",
            "CSAFPID-21",
            "CSAFPID-22",
            "CSAFPID-23",
            "CSAFPID-24",
            "CSAFPID-25",
            "CSAFPID-26",
            "CSAFPID-27",
            "CSAFPID-28",
            "CSAFPID-29",
            "CSAFPID-30",
            "CSAFPID-31",
            "CSAFPID-32",
            "CSAFPID-33",
            "CSAFPID-34",
            "CSAFPID-35",
            "CSAFPID-36",
            "CSAFPID-37",
            "CSAFPID-38",
            "CSAFPID-39",
            "CSAFPID-40",
            "CSAFPID-41",
            "CSAFPID-42",
            "CSAFPID-43",
            "CSAFPID-44",
            "CSAFPID-45",
            "CSAFPID-46",
            "CSAFPID-47",
            "CSAFPID-48",
            "CSAFPID-49",
            "CSAFPID-50",
            "CSAFPID-51",
            "CSAFPID-52",
            "CSAFPID-53",
            "CSAFPID-54",
            "CSAFPID-55",
            "CSAFPID-56",
            "CSAFPID-57",
            "CSAFPID-58",
            "CSAFPID-59",
            "CSAFPID-60",
            "CSAFPID-61",
            "CSAFPID-62",
            "CSAFPID-63",
            "CSAFPID-64",
            "CSAFPID-65",
            "CSAFPID-66",
            "CSAFPID-67",
            "CSAFPID-68",
            "CSAFPID-69",
            "CSAFPID-70",
            "CSAFPID-71",
            "CSAFPID-72",
            "CSAFPID-73",
            "CSAFPID-74",
            "CSAFPID-75",
            "CSAFPID-76",
            "CSAFPID-77",
            "CSAFPID-78",
            "CSAFPID-79",
            "CSAFPID-80",
            "CSAFPID-81",
            "CSAFPID-82",
            "CSAFPID-83",
            "CSAFPID-84",
            "CSAFPID-85",
            "CSAFPID-86",
            "CSAFPID-87",
            "CSAFPID-88",
            "CSAFPID-89",
            "CSAFPID-90",
            "CSAFPID-91",
            "CSAFPID-92",
            "CSAFPID-93",
            "CSAFPID-94",
            "CSAFPID-95",
            "CSAFPID-96",
            "CSAFPID-97",
            "CSAFPID-98",
            "CSAFPID-99",
            "CSAFPID-100",
            "CSAFPID-101",
            "CSAFPID-102",
            "CSAFPID-103",
            "CSAFPID-104",
            "CSAFPID-105",
            "CSAFPID-106",
            "CSAFPID-107",
            "CSAFPID-108",
            "CSAFPID-109",
            "CSAFPID-110",
            "CSAFPID-111",
            "CSAFPID-112",
            "CSAFPID-113",
            "CSAFPID-114",
            "CSAFPID-115",
            "CSAFPID-116",
            "CSAFPID-117",
            "CSAFPID-118",
            "CSAFPID-119",
            "CSAFPID-120",
            "CSAFPID-121",
            "CSAFPID-122",
            "CSAFPID-123",
            "CSAFPID-124",
            "CSAFPID-125",
            "CSAFPID-126"
          ]
        }
      ],
      "title": "CVE-2026-25605"
    }
  ]
}

SSA-253495

Vulnerability from csaf_siemens - Published: 2026-06-02 00:00 - Updated: 2026-06-02 00:00

Summary

SSA-253495: Multiple Vulnerabilities in SINEC OS before V4.0

Notes

Summary: SINEC OS before V4.0 contains multiple vulnerabilities. Siemens has released a new version for RUGGEDCOM RST2428P and recommends to update to the latest version.

Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Terms of Use: The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.

CVE-2025-1352

5.0 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-1376

2.5 (Low)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-6052

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-6141

3.3 (Low)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CWE-121 - Stack-based Buffer Overflow

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-6170

2.5 (Low)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

CWE-121 - Stack-based Buffer Overflow

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-7039

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-8732

3.3 (Low)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CWE-674 - Uncontrolled Recursion

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-9086

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-9230

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-9231

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

CWE-385 - Covert Timing Channel

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-9232

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-10966

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-13465

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-13601

7.7 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-39913

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-40214

7.0 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-40248

7.0 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-40250

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-40251

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE-911 - Improper Update of Reference Count

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-40252

7.0 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-40254

7.0 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-40257

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-40258

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-40261

6.6 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

CWE-1341 - Multiple Releases of Same Resource or Handle

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-40262

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-40263

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-40264

7.0 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-40271

7.0 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-625 - Permissive Regular Expression

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-40278

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-40280

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-825 - Expired Pointer Dereference

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-40281

4.4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE-1335 - Incorrect Bitwise Shift of Integer

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-40345

6.8 (Medium)


                        
                          CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-787 - Out-of-bounds Write

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-46394

3.2 (Low)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE-451 - User Interface (UI) Misrepresentation of Critical Information

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-49794

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE-825 - Expired Pointer Dereference

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-49795

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-825 - Expired Pointer Dereference

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-49796

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-60876

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-284 - Improper Access Control

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-66035

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CWE-201 - Insertion of Sensitive Information Into Sent Data

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-66382

2.9 (Low)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-407 - Inefficient Algorithmic Complexity

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-66412

8.0 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-69720

7.3 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

CWE-121 - Stack-based Buffer Overflow

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-71185

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-71186

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-71188

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-71189

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-71190

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2025-71191

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-1484

4.2 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L

CWE-787 - Out-of-bounds Write

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-1489

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

CWE-787 - Out-of-bounds Write

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-3784

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-305 - Authentication Bypass by Primary Weakness

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-22610

8.0 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-22976

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-22977

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-489 - Active Debug Code

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-23025

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-23026

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-23030

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-23031

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-23032

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-23033

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-23037

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-23038

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-23111

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-23112

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-23220

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-23222

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-23228

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-23229

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-820 - Missing Synchronization

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-23230

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-23231

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-23236

7.3 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-23238

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-24515

2.9 (Low)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-25210

6.9 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-26157

7.0 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-73 - External Control of File Name or Path

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-26158

7.0 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-73 - External Control of File Name or Path

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-35535

7.4 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-271 - Privilege Dropping / Lowering Errors

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

CVE-2026-41918

5.7 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

CWE-525 - Use of Web Browser Cache Containing Sensitive Information

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
RUGGEDCOM RST2428P (6GK6242-6PA00) Siemens / RUGGEDCOM RST2428P (6GK6242-6PA00)	`6GK6242-6PA00`	vers:intdot/<4.0	Vendor Fix fix

References

2 references

URL	Category
https://cert-portal.siemens.com/productcert/html/…	self
https://cert-portal.siemens.com/productcert/csaf/…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "SINEC OS before V4.0 contains multiple vulnerabilities.\n\nSiemens has released a new version for RUGGEDCOM RST2428P and recommends to update to the latest version.",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "productcert@siemens.com",
      "name": "Siemens ProductCERT",
      "namespace": "https://www.siemens.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-253495: Multiple Vulnerabilities in SINEC OS before V4.0 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-253495.html"
      },
      {
        "category": "self",
        "summary": "SSA-253495: Multiple Vulnerabilities in SINEC OS before V4.0 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-253495.json"
      }
    ],
    "title": "SSA-253495: Multiple Vulnerabilities in SINEC OS before V4.0",
    "tracking": {
      "current_release_date": "2026-06-02T00:00:00.000Z",
      "generator": {
        "engine": {
          "name": "Siemens ProductCERT CSAF Generator",
          "version": "1"
        }
      },
      "id": "SSA-253495",
      "initial_release_date": "2026-06-02T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2026-06-02T00:00:00.000Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        }
      ],
      "status": "interim",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003c4.0",
                "product": {
                  "name": "RUGGEDCOM RST2428P (6GK6242-6PA00)",
                  "product_id": "1",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK6242-6PA00"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM RST2428P (6GK6242-6PA00)"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-1352",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability affects the function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf. The manipulation of the argument w leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 2636426a091bd6c6f7f02e49ab20d4cdc6bfc753. It is recommended to apply a patch to fix this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-1352"
    },
    {
      "cve": "CVE-2025-1376",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is b16f441cca0a4841050e3215a9f120a6d8aea918. It is recommended to apply a patch to fix this issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-1376"
    },
    {
      "cve": "CVE-2025-6052",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in how GLib\u2019s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn\u2019t. As a result, data may be written past the end of the allocated memory, leading to crashes or memory corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-6052"
    },
    {
      "cve": "CVE-2025-6141",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-6141"
    },
    {
      "cve": "CVE-2025-6170",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-6170"
    },
    {
      "cve": "CVE-2025-7039",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to manipulate file paths and access unauthorized data. The core issue stems from insufficient validation of file path lengths during temporary file operations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-7039"
    },
    {
      "cve": "CVE-2025-8732",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The code maintainer explains, that \"[t]he issue can only be triggered with untrusted SGML catalogs and it makes absolutely no sense to use untrusted catalogs. I also doubt that anyone is still using SGML catalogs at all.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-8732"
    },
    {
      "cve": "CVE-2025-9086",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "1. A cookie is set using the `secure` keyword for `https://target` \n 2. curl is redirected to or otherwise made to speak with `http://target` (same \n   hostname, but using clear text HTTP) using the same cookie set \n 3. The same cookie name is set - but with just a slash as path (`path=\\\"/\\\",`).\n   Since this site is not secure, the cookie *should* just be ignored.\n4. A bug in the path comparison logic makes curl read outside a heap buffer\n   boundary\n\nThe bug either causes a crash or it potentially makes the comparison come to\nthe wrong conclusion and lets the clear-text site override the contents of the\nsecure cookie, contrary to expectations and depending on the memory contents\nimmediately following the single-byte allocation that holds the path.\n\nThe presumed and correct behavior would be to plainly ignore the second set of\nthe cookie since it was already set as secure on a secure host so overriding\nit on an insecure host should not be okay.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-9086"
    },
    {
      "cve": "CVE-2025-9230",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-9230"
    },
    {
      "cve": "CVE-2025-9231",
      "cwe": {
        "id": "CWE-385",
        "name": "Covert Timing Channel"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: A timing side-channel which could potentially allow remote\nrecovery of the private key exists in the SM2 algorithm implementation on 64 bit\nARM platforms.\n\nImpact summary: A timing side-channel in SM2 signature computations on 64 bit\nARM platforms could allow recovering the private key by an attacker..\n\nWhile remote key recovery over a network was not attempted by the reporter,\ntiming measurements revealed a timing signal which may allow such an attack.\n\nOpenSSL does not directly support certificates with SM2 keys in TLS, and so\nthis CVE is not relevant in most TLS contexts.  However, given that it is\npossible to add support for such certificates via a custom provider, coupled\nwith the fact that in such a custom provider context the private key may be\nrecoverable via remote timing measurements, we consider this to be a Moderate\nseverity issue.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as SM2 is not an approved algorithm.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-9231"
    },
    {
      "cve": "CVE-2025-9232",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: An application using the OpenSSL HTTP client API functions may\ntrigger an out-of-bounds read if the \u0027no_proxy\u0027 environment variable is set and\nthe host portion of the authority component of the HTTP URL is an IPv6 address.\n\nImpact summary: An out-of-bounds read can trigger a crash which leads to\nDenial of Service for an application.\n\nThe OpenSSL HTTP client API functions can be used directly by applications\nbut they are also used by the OCSP client functions and CMP (Certificate\nManagement Protocol) client implementation in OpenSSL. However the URLs used\nby these implementations are unlikely to be controlled by an attacker.\n\nIn this vulnerable code the out of bounds read can only trigger a crash.\nFurthermore the vulnerability requires an attacker-controlled URL to be\npassed from an application to the OpenSSL function and the user has to have\na \u0027no_proxy\u0027 environment variable set. For the aforementioned reasons the\nissue was assessed as Low severity.\n\nThe vulnerable code was introduced in the following patch releases:\n3.0.16, 3.1.8, 3.2.4, 3.3.3, 3.4.0 and 3.5.0.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the HTTP client implementation is outside the OpenSSL FIPS module\nboundary.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-9232"
    },
    {
      "cve": "CVE-2025-10966",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl\u0027s code for managing SSH connections when SFTP was done using the wolfSSH\npowered backend was flawed and missed host verification mechanisms.\n\nThis prevents curl from detecting MITM attackers and more.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-10966"
    },
    {
      "cve": "CVE-2025-13465",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset\u00a0and _.omit\u00a0functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes.\r\n\r\nThe issue permits deletion of properties but does not allow overwriting their original behavior.\r\n\r\nThis issue is patched on 4.17.23",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-13465"
    },
    {
      "cve": "CVE-2025-13601",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-13601"
    },
    {
      "cve": "CVE-2025-39913",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock-\u003ecork.\n\nsyzbot reported the splat below. [0]\n\nThe repro does the following:\n\n  1. Load a sk_msg prog that calls bpf_msg_cork_bytes(msg, cork_bytes)\n  2. Attach the prog to a SOCKMAP\n  3. Add a socket to the SOCKMAP\n  4. Activate fault injection\n  5. Send data less than cork_bytes\n\nAt 5., the data is carried over to the next sendmsg() as it is\nsmaller than the cork_bytes specified by bpf_msg_cork_bytes().\n\nThen, tcp_bpf_send_verdict() tries to allocate psock-\u003ecork to hold\nthe data, but this fails silently due to fault injection + __GFP_NOWARN.\n\nIf the allocation fails, we need to revert the sk-\u003esk_forward_alloc\nchange done by sk_msg_alloc().\n\nLet\u0027s call sk_msg_free() when tcp_bpf_send_verdict fails to allocate\npsock-\u003ecork.\n\nThe \"*copied\" also needs to be updated such that a proper error can\nbe returned to the caller, sendmsg. It fails to allocate psock-\u003ecork.\nNothing has been corked so far, so this patch simply sets \"*copied\"\nto 0.\n\n[0]:\nWARNING: net/ipv4/af_inet.c:156 at inet_sock_destruct+0x623/0x730 net/ipv4/af_inet.c:156, CPU#1: syz-executor/5983\nModules linked in:\nCPU: 1 UID: 0 PID: 5983 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\nRIP: 0010:inet_sock_destruct+0x623/0x730 net/ipv4/af_inet.c:156\nCode: 0f 0b 90 e9 62 fe ff ff e8 7a db b5 f7 90 0f 0b 90 e9 95 fe ff ff e8 6c db b5 f7 90 0f 0b 90 e9 bb fe ff ff e8 5e db b5 f7 90 \u003c0f\u003e 0b 90 e9 e1 fe ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 9f fc\nRSP: 0018:ffffc90000a08b48 EFLAGS: 00010246\nRAX: ffffffff8a09d0b2 RBX: dffffc0000000000 RCX: ffff888024a23c80\nRDX: 0000000000000100 RSI: 0000000000000fff RDI: 0000000000000000\nRBP: 0000000000000fff R08: ffff88807e07c627 R09: 1ffff1100fc0f8c4\nR10: dffffc0000000000 R11: ffffed100fc0f8c5 R12: ffff88807e07c380\nR13: dffffc0000000000 R14: ffff88807e07c60c R15: 1ffff1100fc0f872\nFS:  00005555604c4500(0000) GS:ffff888125af1000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005555604df5c8 CR3: 0000000032b06000 CR4: 00000000003526f0\nCall Trace:\n \u003cIRQ\u003e\n __sk_destruct+0x86/0x660 net/core/sock.c:2339\n rcu_do_batch kernel/rcu/tree.c:2605 [inline]\n rcu_core+0xca8/0x1770 kernel/rcu/tree.c:2861\n handle_softirqs+0x286/0x870 kernel/softirq.c:579\n __do_softirq kernel/softirq.c:613 [inline]\n invoke_softirq kernel/softirq.c:453 [inline]\n __irq_exit_rcu+0xca/0x1f0 kernel/softirq.c:680\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:696\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1052 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1052\n \u003c/IRQ\u003e",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-39913"
    },
    {
      "cve": "CVE-2025-40214",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\naf_unix: Initialise scc_index in unix_add_edge().\r\n\r\nQuang Le reported that the AF_UNIX GC could garbage-collect a\r\nreceive queue of an alive in-flight socket, with a nice repro.\r\n\r\nThe repro consists of three stages.\r\n\r\n  1)\r\n    1-a. Create a single cyclic reference with many sockets\r\n    1-b. close() all sockets\r\n    1-c. Trigger GC\r\n\r\n  2)\r\n    2-a. Pass sk-A to an embryo sk-B\r\n    2-b. Pass sk-X to sk-X\r\n    2-c. Trigger GC\r\n\r\n  3)\r\n    3-a. accept() the embryo sk-B\r\n    3-b. Pass sk-B to sk-C\r\n    3-c. close() the in-flight sk-A\r\n    3-d. Trigger GC\r\n\r\nAs of 2-c, sk-A and sk-X are linked to unix_unvisited_vertices,\r\nand unix_walk_scc() groups them into two different SCCs:\r\n\r\n  unix_sk(sk-A)-\u003evertex-\u003escc_index = 2 (UNIX_VERTEX_INDEX_START)\r\n  unix_sk(sk-X)-\u003evertex-\u003escc_index = 3\r\n\r\nOnce GC completes, unix_graph_grouped is set to true.\r\nAlso, unix_graph_maybe_cyclic is set to true due to sk-X\u0027s\r\ncyclic self-reference, which makes close() trigger GC.\r\n\r\nAt 3-b, unix_add_edge() allocates unix_sk(sk-B)-\u003evertex and\r\nlinks it to unix_unvisited_vertices.\r\n\r\nunix_update_graph() is called at 3-a. and 3-b., but neither\r\nunix_graph_grouped nor unix_graph_maybe_cyclic is changed\r\nbecause both sk-B\u0027s listener and sk-C are not in-flight.\r\n\r\n3-c decrements sk-A\u0027s file refcnt to 1.\r\n\r\nSince unix_graph_grouped is true at 3-d, unix_walk_scc_fast()\r\nis finally called and iterates 3 sockets sk-A, sk-B, and sk-X:\r\n\r\n  sk-A -\u003e sk-B (-\u003e sk-C)\r\n  sk-X -\u003e sk-X\r\n\r\nThis is totally fine.  All of them are not yet close()d and\r\nshould be grouped into different SCCs.\r\n\r\nHowever, unix_vertex_dead() misjudges that sk-A and sk-B are\r\nin the same SCC and sk-A is dead.\r\n\r\n  unix_sk(sk-A)-\u003escc_index == unix_sk(sk-B)-\u003escc_index \u003c-- Wrong!\r\n  \u0026\u0026\r\n  sk-A\u0027s file refcnt == unix_sk(sk-A)-\u003evertex-\u003eout_degree\r\n                                       ^-- 1 in-flight count for sk-B\r\n  -\u003e sk-A is dead !?\r\n\r\nThe problem is that unix_add_edge() does not initialise scc_index.\r\n\r\nStage 1) is used for heap spraying, making a newly allocated\r\nvertex have vertex-\u003escc_index == 2 (UNIX_VERTEX_INDEX_START)\r\nset by unix_walk_scc() at 1-c.\r\n\r\nLet\u0027s track the max SCC index from the previous unix_walk_scc()\r\ncall and assign the max + 1 to a new vertex\u0027s scc_index.\r\n\r\nThis way, we can continue to avoid Tarjan\u0027s algorithm while\r\npreventing misjudgments.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-40214"
    },
    {
      "cve": "CVE-2025-40248",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nvsock: Ignore signal/timeout on connect() if already established\r\n\r\nDuring connect(), acting on a signal/timeout by disconnecting an already\r\nestablished socket leads to several issues:\r\n\r\n1. connect() invoking vsock_transport_cancel_pkt() -\u003e\r\n   virtio_transport_purge_skbs() may race with sendmsg() invoking\r\n   virtio_transport_get_credit(). This results in a permanently elevated\r\n   `vvs-\u003ebytes_unsent`. Which, in turn, confuses the SOCK_LINGER handling.\r\n\r\n2. connect() resetting a connected socket\u0027s state may race with socket\r\n   being placed in a sockmap. A disconnected socket remaining in a sockmap\r\n   breaks sockmap\u0027s assumptions. And gives rise to WARNs.\r\n\r\n3. connect() transitioning SS_CONNECTED -\u003e SS_UNCONNECTED allows for a\r\n   transport change/drop after TCP_ESTABLISHED. Which poses a problem for\r\n   any simultaneous sendmsg() or connect() and may result in a\r\n   use-after-free/null-ptr-deref.\r\n\r\nDo not disconnect socket on signal/timeout. Keep the logic for unconnected\r\nsockets: they don\u0027t linger, can\u0027t be placed in a sockmap, are rejected by\r\nsendmsg().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-40248"
    },
    {
      "cve": "CVE-2025-40250",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet/mlx5: Clean up only new IRQ glue on request_irq() failure\r\n\r\nThe mlx5_irq_alloc() function can inadvertently free the entire rmap\r\nand end up in a crash[1] when the other threads tries to access this,\r\nwhen request_irq() fails due to exhausted IRQ vectors. This commit\r\nmodifies the cleanup to remove only the specific IRQ mapping that was\r\njust added.\r\n\r\nThis prevents removal of other valid mappings and ensures precise\r\ncleanup of the failed IRQ allocation\u0027s associated glue object.\r\n\r\nNote: This error is observed when both fwctl and rds configs are enabled.\r\n\r\n[1]\r\nmlx5_core 0000:05:00.0: Successfully registered panic handler for port 1\r\nmlx5_core 0000:05:00.0: mlx5_irq_alloc:293:(pid 66740): Failed to\r\nrequest irq. err = -28\r\ninfiniband mlx5_0: mlx5_ib_test_wc:290:(pid 66740): Error -28 while\r\ntrying to test write-combining support\r\nmlx5_core 0000:05:00.0: Successfully unregistered panic handler for port 1\r\nmlx5_core 0000:06:00.0: Successfully registered panic handler for port 1\r\nmlx5_core 0000:06:00.0: mlx5_irq_alloc:293:(pid 66740): Failed to\r\nrequest irq. err = -28\r\ninfiniband mlx5_0: mlx5_ib_test_wc:290:(pid 66740): Error -28 while\r\ntrying to test write-combining support\r\nmlx5_core 0000:06:00.0: Successfully unregistered panic handler for port 1\r\nmlx5_core 0000:03:00.0: mlx5_irq_alloc:293:(pid 28895): Failed to\r\nrequest irq. err = -28\r\nmlx5_core 0000:05:00.0: mlx5_irq_alloc:293:(pid 28895): Failed to\r\nrequest irq. err = -28\r\ngeneral protection fault, probably for non-canonical address\r\n0xe277a58fde16f291: 0000 [#1] SMP NOPTI\r\n\r\nRIP: 0010:free_irq_cpu_rmap+0x23/0x7d\r\nCall Trace:\r\n   \u003cTASK\u003e\r\n   ? show_trace_log_lvl+0x1d6/0x2f9\r\n   ? show_trace_log_lvl+0x1d6/0x2f9\r\n   ? mlx5_irq_alloc.cold+0x5d/0xf3 [mlx5_core]\r\n   ? __die_body.cold+0x8/0xa\r\n   ? die_addr+0x39/0x53\r\n   ? exc_general_protection+0x1c4/0x3e9\r\n   ? dev_vprintk_emit+0x5f/0x90\r\n   ? asm_exc_general_protection+0x22/0x27\r\n   ? free_irq_cpu_rmap+0x23/0x7d\r\n   mlx5_irq_alloc.cold+0x5d/0xf3 [mlx5_core]\r\n   irq_pool_request_vector+0x7d/0x90 [mlx5_core]\r\n   mlx5_irq_request+0x2e/0xe0 [mlx5_core]\r\n   mlx5_irq_request_vector+0xad/0xf7 [mlx5_core]\r\n   comp_irq_request_pci+0x64/0xf0 [mlx5_core]\r\n   create_comp_eq+0x71/0x385 [mlx5_core]\r\n   ? mlx5e_open_xdpsq+0x11c/0x230 [mlx5_core]\r\n   mlx5_comp_eqn_get+0x72/0x90 [mlx5_core]\r\n   ? xas_load+0x8/0x91\r\n   mlx5_comp_irqn_get+0x40/0x90 [mlx5_core]\r\n   mlx5e_open_channel+0x7d/0x3c7 [mlx5_core]\r\n   mlx5e_open_channels+0xad/0x250 [mlx5_core]\r\n   mlx5e_open_locked+0x3e/0x110 [mlx5_core]\r\n   mlx5e_open+0x23/0x70 [mlx5_core]\r\n   __dev_open+0xf1/0x1a5\r\n   __dev_change_flags+0x1e1/0x249\r\n   dev_change_flags+0x21/0x5c\r\n   do_setlink+0x28b/0xcc4\r\n   ? __nla_parse+0x22/0x3d\r\n   ? inet6_validate_link_af+0x6b/0x108\r\n   ? cpumask_next+0x1f/0x35\r\n   ? __snmp6_fill_stats64.constprop.0+0x66/0x107\r\n   ? __nla_validate_parse+0x48/0x1e6\r\n   __rtnl_newlink+0x5ff/0xa57\r\n   ? kmem_cache_alloc_trace+0x164/0x2ce\r\n   rtnl_newlink+0x44/0x6e\r\n   rtnetlink_rcv_msg+0x2bb/0x362\r\n   ? __netlink_sendskb+0x4c/0x6c\r\n   ? netlink_unicast+0x28f/0x2ce\r\n   ? rtnl_calcit.isra.0+0x150/0x146\r\n   netlink_rcv_skb+0x5f/0x112\r\n   netlink_unicast+0x213/0x2ce\r\n   netlink_sendmsg+0x24f/0x4d9\r\n   __sock_sendmsg+0x65/0x6a\r\n   ____sys_sendmsg+0x28f/0x2c9\r\n   ? import_iovec+0x17/0x2b\r\n   ___sys_sendmsg+0x97/0xe0\r\n   __sys_sendmsg+0x81/0xd8\r\n   do_syscall_64+0x35/0x87\r\n   entry_SYSCALL_64_after_hwframe+0x6e/0x0\r\nRIP: 0033:0x7fc328603727\r\nCode: c3 66 90 41 54 41 89 d4 55 48 89 f5 53 89 fb 48 83 ec 10 e8 0b ed\r\nff ff 44 89 e2 48 89 ee 89 df 41 89 c0 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00\r\nf0 ff ff 77 35 44 89 c7 48 89 44 24 08 e8 44 ed ff ff 48\r\nRSP: 002b:00007ffe8eb3f1a0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e\r\nRAX: ffffffffffffffda RBX: 000000000000000d RCX: 00007fc328603727\r\nRDX: 0000000000000000 RSI: 00007ffe8eb3f1f0 RDI: 000000000000000d\r\nRBP: 00007ffe8eb3f1f0 R08: 0000000000000000 R09: 0000000000000000\r\nR10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000\r\nR13: 00000000000\r\n---truncated---",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-40250"
    },
    {
      "cve": "CVE-2025-40251",
      "cwe": {
        "id": "CWE-911",
        "name": "Improper Update of Reference Count"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndevlink: rate: Unset parent pointer in devl_rate_nodes_destroy\r\n\r\nThe function devl_rate_nodes_destroy is documented to \"Unset parent for\r\nall rate objects\". However, it was only calling the driver-specific\r\n`rate_leaf_parent_set` or `rate_node_parent_set` ops and decrementing\r\nthe parent\u0027s refcount, without actually setting the\r\n`devlink_rate-\u003eparent` pointer to NULL.\r\n\r\nThis leaves a dangling pointer in the `devlink_rate` struct, which cause\r\nrefcount error in netdevsim[1] and mlx5[2]. In addition, this is\r\ninconsistent with the behavior of `devlink_nl_rate_parent_node_set`,\r\nwhere the parent pointer is correctly cleared.\r\n\r\nThis patch fixes the issue by explicitly setting `devlink_rate-\u003eparent`\r\nto NULL after notifying the driver, thus fulfilling the function\u0027s\r\ndocumented behavior for all rate objects.\r\n\r\n[1]\r\nrepro steps:\r\necho 1 \u003e /sys/bus/netdevsim/new_device\r\ndevlink dev eswitch set netdevsim/netdevsim1 mode switchdev\r\necho 1 \u003e /sys/bus/netdevsim/devices/netdevsim1/sriov_numvfs\r\ndevlink port function rate add netdevsim/netdevsim1/test_node\r\ndevlink port function rate set netdevsim/netdevsim1/128 parent test_node\r\necho 1 \u003e /sys/bus/netdevsim/del_device\r\n\r\ndmesg:\r\nrefcount_t: decrement hit 0; leaking memory.\r\nWARNING: CPU: 8 PID: 1530 at lib/refcount.c:31 refcount_warn_saturate+0x42/0xe0\r\nCPU: 8 UID: 0 PID: 1530 Comm: bash Not tainted 6.18.0-rc4+ #1 NONE\r\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\r\nRIP: 0010:refcount_warn_saturate+0x42/0xe0\r\nCall Trace:\r\n \u003cTASK\u003e\r\n devl_rate_leaf_destroy+0x8d/0x90\r\n __nsim_dev_port_del+0x6c/0x70 [netdevsim]\r\n nsim_dev_reload_destroy+0x11c/0x140 [netdevsim]\r\n nsim_drv_remove+0x2b/0xb0 [netdevsim]\r\n device_release_driver_internal+0x194/0x1f0\r\n bus_remove_device+0xc6/0x130\r\n device_del+0x159/0x3c0\r\n device_unregister+0x1a/0x60\r\n del_device_store+0x111/0x170 [netdevsim]\r\n kernfs_fop_write_iter+0x12e/0x1e0\r\n vfs_write+0x215/0x3d0\r\n ksys_write+0x5f/0xd0\r\n do_syscall_64+0x55/0x10f0\r\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\r\n\r\n[2]\r\ndevlink dev eswitch set pci/0000:08:00.0 mode switchdev\r\ndevlink port add pci/0000:08:00.0 flavour pcisf pfnum 0 sfnum 1000\r\ndevlink port function rate add pci/0000:08:00.0/group1\r\ndevlink port function rate set pci/0000:08:00.0/32768 parent group1\r\nmodprobe -r mlx5_ib mlx5_fwctl mlx5_core\r\n\r\ndmesg:\r\nrefcount_t: decrement hit 0; leaking memory.\r\nWARNING: CPU: 7 PID: 16151 at lib/refcount.c:31 refcount_warn_saturate+0x42/0xe0\r\nCPU: 7 UID: 0 PID: 16151 Comm: bash Not tainted 6.17.0-rc7_for_upstream_min_debug_2025_10_02_12_44 #1 NONE\r\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\r\nRIP: 0010:refcount_warn_saturate+0x42/0xe0\r\nCall Trace:\r\n \u003cTASK\u003e\r\n devl_rate_leaf_destroy+0x8d/0x90\r\n mlx5_esw_offloads_devlink_port_unregister+0x33/0x60 [mlx5_core]\r\n mlx5_esw_offloads_unload_rep+0x3f/0x50 [mlx5_core]\r\n mlx5_eswitch_unload_sf_vport+0x40/0x90 [mlx5_core]\r\n mlx5_sf_esw_event+0xc4/0x120 [mlx5_core]\r\n notifier_call_chain+0x33/0xa0\r\n blocking_notifier_call_chain+0x3b/0x50\r\n mlx5_eswitch_disable_locked+0x50/0x110 [mlx5_core]\r\n mlx5_eswitch_disable+0x63/0x90 [mlx5_core]\r\n mlx5_unload+0x1d/0x170 [mlx5_core]\r\n mlx5_uninit_one+0xa2/0x130 [mlx5_core]\r\n remove_one+0x78/0xd0 [mlx5_core]\r\n pci_device_remove+0x39/0xa0\r\n device_release_driver_internal+0x194/0x1f0\r\n unbind_store+0x99/0xa0\r\n kernfs_fop_write_iter+0x12e/0x1e0\r\n vfs_write+0x215/0x3d0\r\n ksys_write+0x5f/0xd0\r\n do_syscall_64+0x53/0x1f0\r\n entry_SYSCALL_64_after_hwframe+0x4b/0x53",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-40251"
    },
    {
      "cve": "CVE-2025-40252",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end()\r\n\r\nThe loops in \u0027qede_tpa_cont()\u0027 and \u0027qede_tpa_end()\u0027, iterate\r\nover \u0027cqe-\u003elen_list[]\u0027 using only a zero-length terminator as\r\nthe stopping condition. If the terminator was missing or\r\nmalformed, the loop could run past the end of the fixed-size array.\r\n\r\nAdd an explicit bound check using ARRAY_SIZE() in both loops to prevent\r\na potential out-of-bounds access.\r\n\r\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-40252"
    },
    {
      "cve": "CVE-2025-40254",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: openvswitch: remove never-working support for setting nsh fields\r\n\r\nThe validation of the set(nsh(...)) action is completely wrong.\r\nIt runs through the nsh_key_put_from_nlattr() function that is the\r\nsame function that validates NSH keys for the flow match and the\r\npush_nsh() action.  However, the set(nsh(...)) has a very different\r\nmemory layout.  Nested attributes in there are doubled in size in\r\ncase of the masked set().  That makes proper validation impossible.\r\n\r\nThere is also confusion in the code between the \u0027masked\u0027 flag, that\r\nsays that the nested attributes are doubled in size containing both\r\nthe value and the mask, and the \u0027is_mask\u0027 that says that the value\r\nwe\u0027re parsing is the mask.  This is causing kernel crash on trying to\r\nwrite into mask part of the match with SW_FLOW_KEY_PUT() during\r\nvalidation, while validate_nsh() doesn\u0027t allocate any memory for it:\r\n\r\n  BUG: kernel NULL pointer dereference, address: 0000000000000018\r\n  #PF: supervisor read access in kernel mode\r\n  #PF: error_code(0x0000) - not-present page\r\n  PGD 1c2383067 P4D 1c2383067 PUD 20b703067 PMD 0\r\n  Oops: Oops: 0000 [#1] SMP NOPTI\r\n  CPU: 8 UID: 0 Kdump: loaded Not tainted 6.17.0-rc4+ #107 PREEMPT(voluntary)\r\n  RIP: 0010:nsh_key_put_from_nlattr+0x19d/0x610 [openvswitch]\r\n  Call Trace:\r\n   \u003cTASK\u003e\r\n   validate_nsh+0x60/0x90 [openvswitch]\r\n   validate_set.constprop.0+0x270/0x3c0 [openvswitch]\r\n   __ovs_nla_copy_actions+0x477/0x860 [openvswitch]\r\n   ovs_nla_copy_actions+0x8d/0x100 [openvswitch]\r\n   ovs_packet_cmd_execute+0x1cc/0x310 [openvswitch]\r\n   genl_family_rcv_msg_doit+0xdb/0x130\r\n   genl_family_rcv_msg+0x14b/0x220\r\n   genl_rcv_msg+0x47/0xa0\r\n   netlink_rcv_skb+0x53/0x100\r\n   genl_rcv+0x24/0x40\r\n   netlink_unicast+0x280/0x3b0\r\n   netlink_sendmsg+0x1f7/0x430\r\n   ____sys_sendmsg+0x36b/0x3a0\r\n   ___sys_sendmsg+0x87/0xd0\r\n   __sys_sendmsg+0x6d/0xd0\r\n   do_syscall_64+0x7b/0x2c0\r\n   entry_SYSCALL_64_after_hwframe+0x76/0x7e\r\n\r\nThe third issue with this process is that while trying to convert\r\nthe non-masked set into masked one, validate_set() copies and doubles\r\nthe size of the OVS_KEY_ATTR_NSH as if it didn\u0027t have any nested\r\nattributes.  It should be copying each nested attribute and doubling\r\nthem in size independently.  And the process must be properly reversed\r\nduring the conversion back from masked to a non-masked variant during\r\nthe flow dump.\r\n\r\nIn the end, the only two outcomes of trying to use this action are\r\neither validation failure or a kernel crash.  And if somehow someone\r\nmanages to install a flow with such an action, it will most definitely\r\nnot do what it is supposed to, since all the keys and the masks are\r\nmixed up.\r\n\r\nFixing all the issues is a complex task as it requires re-writing\r\nmost of the validation code.\r\n\r\nGiven that and the fact that this functionality never worked since\r\nintroduction, let\u0027s just remove it altogether.  It\u0027s better to\r\nre-introduce it later with a proper implementation instead of trying\r\nto fix it in stable releases.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-40254"
    },
    {
      "cve": "CVE-2025-40257",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmptcp: fix a race in mptcp_pm_del_add_timer()\r\n\r\nmptcp_pm_del_add_timer() can call sk_stop_timer_sync(sk, \u0026entry-\u003eadd_timer)\r\nwhile another might have free entry already, as reported by syzbot.\r\n\r\nAdd RCU protection to fix this issue.\r\n\r\nAlso change confusing add_timer variable with stop_timer boolean.\r\n\r\nsyzbot report:\r\n\r\nBUG: KASAN: slab-use-after-free in __timer_delete_sync+0x372/0x3f0 kernel/time/timer.c:1616\r\nRead of size 4 at addr ffff8880311e4150 by task kworker/1:1/44\r\n\r\nCPU: 1 UID: 0 PID: 44 Comm: kworker/1:1 Not tainted syzkaller #0 PREEMPT_{RT,(full)}\r\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025\r\nWorkqueue: events mptcp_worker\r\nCall Trace:\r\n \u003cTASK\u003e\r\n  dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\r\n  print_address_description mm/kasan/report.c:378 [inline]\r\n  print_report+0xca/0x240 mm/kasan/report.c:482\r\n  kasan_report+0x118/0x150 mm/kasan/report.c:595\r\n  __timer_delete_sync+0x372/0x3f0 kernel/time/timer.c:1616\r\n  sk_stop_timer_sync+0x1b/0x90 net/core/sock.c:3631\r\n  mptcp_pm_del_add_timer+0x283/0x310 net/mptcp/pm.c:362\r\n  mptcp_incoming_options+0x1357/0x1f60 net/mptcp/options.c:1174\r\n  tcp_data_queue+0xca/0x6450 net/ipv4/tcp_input.c:5361\r\n  tcp_rcv_established+0x1335/0x2670 net/ipv4/tcp_input.c:6441\r\n  tcp_v4_do_rcv+0x98b/0xbf0 net/ipv4/tcp_ipv4.c:1931\r\n  tcp_v4_rcv+0x252a/0x2dc0 net/ipv4/tcp_ipv4.c:2374\r\n  ip_protocol_deliver_rcu+0x221/0x440 net/ipv4/ip_input.c:205\r\n  ip_local_deliver_finish+0x3bb/0x6f0 net/ipv4/ip_input.c:239\r\n  NF_HOOK+0x30c/0x3a0 include/linux/netfilter.h:318\r\n  NF_HOOK+0x30c/0x3a0 include/linux/netfilter.h:318\r\n  __netif_receive_skb_one_core net/core/dev.c:6079 [inline]\r\n  __netif_receive_skb+0x143/0x380 net/core/dev.c:6192\r\n  process_backlog+0x31e/0x900 net/core/dev.c:6544\r\n  __napi_poll+0xb6/0x540 net/core/dev.c:7594\r\n  napi_poll net/core/dev.c:7657 [inline]\r\n  net_rx_action+0x5f7/0xda0 net/core/dev.c:7784\r\n  handle_softirqs+0x22f/0x710 kernel/softirq.c:622\r\n  __do_softirq kernel/softirq.c:656 [inline]\r\n  __local_bh_enable_ip+0x1a0/0x2e0 kernel/softirq.c:302\r\n  mptcp_pm_send_ack net/mptcp/pm.c:210 [inline]\r\n mptcp_pm_addr_send_ack+0x41f/0x500 net/mptcp/pm.c:-1\r\n  mptcp_pm_worker+0x174/0x320 net/mptcp/pm.c:1002\r\n  mptcp_worker+0xd5/0x1170 net/mptcp/protocol.c:2762\r\n  process_one_work kernel/workqueue.c:3263 [inline]\r\n  process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3346\r\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3427\r\n  kthread+0x711/0x8a0 kernel/kthread.c:463\r\n  ret_from_fork+0x4bc/0x870 arch/x86/kernel/process.c:158\r\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\r\n \u003c/TASK\u003e\r\n\r\nAllocated by task 44:\r\n  kasan_save_stack mm/kasan/common.c:56 [inline]\r\n  kasan_save_track+0x3e/0x80 mm/kasan/common.c:77\r\n  poison_kmalloc_redzone mm/kasan/common.c:400 [inline]\r\n  __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:417\r\n  kasan_kmalloc include/linux/kasan.h:262 [inline]\r\n  __kmalloc_cache_noprof+0x1ef/0x6c0 mm/slub.c:5748\r\n  kmalloc_noprof include/linux/slab.h:957 [inline]\r\n  mptcp_pm_alloc_anno_list+0x104/0x460 net/mptcp/pm.c:385\r\n  mptcp_pm_create_subflow_or_signal_addr+0xf9d/0x1360 net/mptcp/pm_kernel.c:355\r\n  mptcp_pm_nl_fully_established net/mptcp/pm_kernel.c:409 [inline]\r\n  __mptcp_pm_kernel_worker+0x417/0x1ef0 net/mptcp/pm_kernel.c:1529\r\n  mptcp_pm_worker+0x1ee/0x320 net/mptcp/pm.c:1008\r\n  mptcp_worker+0xd5/0x1170 net/mptcp/protocol.c:2762\r\n  process_one_work kernel/workqueue.c:3263 [inline]\r\n  process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3346\r\n  worker_thread+0x8a0/0xda0 kernel/workqueue.c:3427\r\n  kthread+0x711/0x8a0 kernel/kthread.c:463\r\n  ret_from_fork+0x4bc/0x870 arch/x86/kernel/process.c:158\r\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\r\n\r\nFreed by task 6630:\r\n  kasan_save_stack mm/kasan/common.c:56 [inline]\r\n  kasan_save_track+0x3e/0x80 mm/kasan/common.c:77\r\n  __kasan_save_free_info+0x46/0x50 mm/kasan/generic.c:587\r\n  kasan_save_free_info mm/kasan/kasan.h:406 [inline]\r\n  poison_slab_object m\r\n---truncated---",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-40257"
    },
    {
      "cve": "CVE-2025-40258",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmptcp: fix race condition in mptcp_schedule_work()\r\n\r\nsyzbot reported use-after-free in mptcp_schedule_work() [1]\r\n\r\nIssue here is that mptcp_schedule_work() schedules a work,\r\nthen gets a refcount on sk-\u003esk_refcnt if the work was scheduled.\r\nThis refcount will be released by mptcp_worker().\r\n\r\n[A] if (schedule_work(...)) {\r\n[B]     sock_hold(sk);\r\n        return true;\r\n    }\r\n\r\nProblem is that mptcp_worker() can run immediately and complete before [B]\r\n\r\nWe need instead :\r\n\r\n    sock_hold(sk);\r\n    if (schedule_work(...))\r\n        return true;\r\n    sock_put(sk);\r\n\r\n[1]\r\nrefcount_t: addition on 0; use-after-free.\r\n WARNING: CPU: 1 PID: 29 at lib/refcount.c:25 refcount_warn_saturate+0xfa/0x1d0 lib/refcount.c:25\r\nCall Trace:\r\n \u003cTASK\u003e\r\n __refcount_add include/linux/refcount.h:-1 [inline]\r\n  __refcount_inc include/linux/refcount.h:366 [inline]\r\n  refcount_inc include/linux/refcount.h:383 [inline]\r\n  sock_hold include/net/sock.h:816 [inline]\r\n  mptcp_schedule_work+0x164/0x1a0 net/mptcp/protocol.c:943\r\n  mptcp_tout_timer+0x21/0xa0 net/mptcp/protocol.c:2316\r\n  call_timer_fn+0x17e/0x5f0 kernel/time/timer.c:1747\r\n  expire_timers kernel/time/timer.c:1798 [inline]\r\n  __run_timers kernel/time/timer.c:2372 [inline]\r\n  __run_timer_base+0x648/0x970 kernel/time/timer.c:2384\r\n  run_timer_base kernel/time/timer.c:2393 [inline]\r\n  run_timer_softirq+0xb7/0x180 kernel/time/timer.c:2403\r\n  handle_softirqs+0x22f/0x710 kernel/softirq.c:622\r\n  __do_softirq kernel/softirq.c:656 [inline]\r\n  run_ktimerd+0xcf/0x190 kernel/softirq.c:1138\r\n  smpboot_thread_fn+0x542/0xa60 kernel/smpboot.c:160\r\n  kthread+0x711/0x8a0 kernel/kthread.c:463\r\n  ret_from_fork+0x4bc/0x870 arch/x86/kernel/process.c:158\r\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-40258"
    },
    {
      "cve": "CVE-2025-40261",
      "cwe": {
        "id": "CWE-1341",
        "name": "Multiple Releases of Same Resource or Handle"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnvme: nvme-fc: Ensure -\u003eioerr_work is cancelled in nvme_fc_delete_ctrl()\r\n\r\nnvme_fc_delete_assocation() waits for pending I/O to complete before\r\nreturning, and an error can cause -\u003eioerr_work to be queued after\r\ncancel_work_sync() had been called.  Move the call to cancel_work_sync() to\r\nbe after nvme_fc_delete_association() to ensure -\u003eioerr_work is not running\r\nwhen the nvme_fc_ctrl object is freed.  Otherwise the following can occur:\r\n\r\n[ 1135.911754] list_del corruption, ff2d24c8093f31f8-\u003enext is NULL\r\n[ 1135.917705] ------------[ cut here ]------------\r\n[ 1135.922336] kernel BUG at lib/list_debug.c:52!\r\n[ 1135.926784] Oops: invalid opcode: 0000 [#1] SMP NOPTI\r\n[ 1135.931851] CPU: 48 UID: 0 PID: 726 Comm: kworker/u449:23 Kdump: loaded Not tainted 6.12.0 #1 PREEMPT(voluntary)\r\n[ 1135.943490] Hardware name: Dell Inc. PowerEdge R660/0HGTK9, BIOS 2.5.4 01/16/2025\r\n[ 1135.950969] Workqueue:  0x0 (nvme-wq)\r\n[ 1135.954673] RIP: 0010:__list_del_entry_valid_or_report.cold+0xf/0x6f\r\n[ 1135.961041] Code: c7 c7 98 68 72 94 e8 26 45 fe ff 0f 0b 48 c7 c7 70 68 72 94 e8 18 45 fe ff 0f 0b 48 89 fe 48 c7 c7 80 69 72 94 e8 07 45 fe ff \u003c0f\u003e 0b 48 89 d1 48 c7 c7 a0 6a 72 94 48 89 c2 e8 f3 44 fe ff 0f 0b\r\n[ 1135.979788] RSP: 0018:ff579b19482d3e50 EFLAGS: 00010046\r\n[ 1135.985015] RAX: 0000000000000033 RBX: ff2d24c8093f31f0 RCX: 0000000000000000\r\n[ 1135.992148] RDX: 0000000000000000 RSI: ff2d24d6bfa1d0c0 RDI: ff2d24d6bfa1d0c0\r\n[ 1135.999278] RBP: ff2d24c8093f31f8 R08: 0000000000000000 R09: ffffffff951e2b08\r\n[ 1136.006413] R10: ffffffff95122ac8 R11: 0000000000000003 R12: ff2d24c78697c100\r\n[ 1136.013546] R13: fffffffffffffff8 R14: 0000000000000000 R15: ff2d24c78697c0c0\r\n[ 1136.020677] FS:  0000000000000000(0000) GS:ff2d24d6bfa00000(0000) knlGS:0000000000000000\r\n[ 1136.028765] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\r\n[ 1136.034510] CR2: 00007fd207f90b80 CR3: 000000163ea22003 CR4: 0000000000f73ef0\r\n[ 1136.041641] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\r\n[ 1136.048776] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\r\n[ 1136.055910] PKRU: 55555554\r\n[ 1136.058623] Call Trace:\r\n[ 1136.061074]  \u003cTASK\u003e\r\n[ 1136.063179]  ? show_trace_log_lvl+0x1b0/0x2f0\r\n[ 1136.067540]  ? show_trace_log_lvl+0x1b0/0x2f0\r\n[ 1136.071898]  ? move_linked_works+0x4a/0xa0\r\n[ 1136.075998]  ? __list_del_entry_valid_or_report.cold+0xf/0x6f\r\n[ 1136.081744]  ? __die_body.cold+0x8/0x12\r\n[ 1136.085584]  ? die+0x2e/0x50\r\n[ 1136.088469]  ? do_trap+0xca/0x110\r\n[ 1136.091789]  ? do_error_trap+0x65/0x80\r\n[ 1136.095543]  ? __list_del_entry_valid_or_report.cold+0xf/0x6f\r\n[ 1136.101289]  ? exc_invalid_op+0x50/0x70\r\n[ 1136.105127]  ? __list_del_entry_valid_or_report.cold+0xf/0x6f\r\n[ 1136.110874]  ? asm_exc_invalid_op+0x1a/0x20\r\n[ 1136.115059]  ? __list_del_entry_valid_or_report.cold+0xf/0x6f\r\n[ 1136.120806]  move_linked_works+0x4a/0xa0\r\n[ 1136.124733]  worker_thread+0x216/0x3a0\r\n[ 1136.128485]  ? __pfx_worker_thread+0x10/0x10\r\n[ 1136.132758]  kthread+0xfa/0x240\r\n[ 1136.135904]  ? __pfx_kthread+0x10/0x10\r\n[ 1136.139657]  ret_from_fork+0x31/0x50\r\n[ 1136.143236]  ? __pfx_kthread+0x10/0x10\r\n[ 1136.146988]  ret_from_fork_asm+0x1a/0x30\r\n[ 1136.150915]  \u003c/TASK\u003e",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-40261"
    },
    {
      "cve": "CVE-2025-40262",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nInput: imx_sc_key - fix memory corruption on unload\r\n\r\nThis is supposed to be \"priv\" but we accidentally pass \"\u0026priv\" which is\r\nan address in the stack and so it will lead to memory corruption when\r\nthe imx_sc_key_action() function is called.  Remove the \u0026.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-40262"
    },
    {
      "cve": "CVE-2025-40263",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nInput: cros_ec_keyb - fix an invalid memory access\r\n\r\nIf cros_ec_keyb_register_matrix() isn\u0027t called (due to\r\n`buttons_switches_only`) in cros_ec_keyb_probe(), `ckdev-\u003eidev` remains\r\nNULL.  An invalid memory access is observed in cros_ec_keyb_process()\r\nwhen receiving an EC_MKBP_EVENT_KEY_MATRIX event in cros_ec_keyb_work()\r\nin such case.\r\n\r\n  Unable to handle kernel read from unreadable memory at virtual address 0000000000000028\r\n  ...\r\n  x3 : 0000000000000000 x2 : 0000000000000000\r\n  x1 : 0000000000000000 x0 : 0000000000000000\r\n  Call trace:\r\n  input_event\r\n  cros_ec_keyb_work\r\n  blocking_notifier_call_chain\r\n  ec_irq_thread\r\n\r\nIt\u0027s still unknown about why the kernel receives such malformed event,\r\nin any cases, the kernel shouldn\u0027t access `ckdev-\u003eidev` and friends if\r\nthe driver doesn\u0027t intend to initialize them.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-40263"
    },
    {
      "cve": "CVE-2025-40264",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nbe2net: pass wrb_params in case of OS2BMC\r\n\r\nbe_insert_vlan_in_pkt() is called with the wrb_params argument being NULL\r\nat be_send_pkt_to_bmc() call site.\u00a0 This may lead to dereferencing a NULL\r\npointer when processing a workaround for specific packet, as commit\r\nbc0c3405abbb (\"be2net: fix a Tx stall bug caused by a specific ipv6\r\npacket\") states.\r\n\r\nThe correct way would be to pass the wrb_params from be_xmit().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-40264"
    },
    {
      "cve": "CVE-2025-40271",
      "cwe": {
        "id": "CWE-625",
        "name": "Permissive Regular Expression"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/proc: fix uaf in proc_readdir_de()\n\nPde is erased from subdir rbtree through rb_erase(), but not set the node\nto EMPTY, which may result in uaf access.  We should use RB_CLEAR_NODE()\nset the erased node to EMPTY, then pde_subdir_next() will return NULL to\navoid uaf access.\n\nWe found an uaf issue while using stress-ng testing, need to run testcase\ngetdent and tun in the same time.  The steps of the issue is as follows:\n\n1) use getdent to traverse dir /proc/pid/net/dev_snmp6/, and current\n   pde is tun3;\n\n2) in the [time windows] unregister netdevice tun3 and tun2, and erase\n   them from rbtree.  erase tun3 first, and then erase tun2.  the\n   pde(tun2) will be released to slab;\n\n3) continue to getdent process, then pde_subdir_next() will return\n   pde(tun2) which is released, it will case uaf access.\n\nCPU 0                                      |    CPU 1\n-------------------------------------------------------------------------\ntraverse dir /proc/pid/net/dev_snmp6/      |   unregister_netdevice(tun-\u003edev)   //tun3 tun2\nsys_getdents64()                           |\n  iterate_dir()                            |\n    proc_readdir()                         |\n      proc_readdir_de()                    |     snmp6_unregister_dev()\n        pde_get(de);                       |       proc_remove()\n        read_unlock(\u0026proc_subdir_lock);    |         remove_proc_subtree()\n                                           |           write_lock(\u0026proc_subdir_lock);\n        [time window]                      |           rb_erase(\u0026root-\u003esubdir_node, \u0026parent-\u003esubdir);\n                                           |           write_unlock(\u0026proc_subdir_lock);\n        read_lock(\u0026proc_subdir_lock);      |\n        next = pde_subdir_next(de);        |\n        pde_put(de);                       |\n        de = next;    //UAF                |\n\nrbtree of dev_snmp6\n                        |\n                    pde(tun3)\n                     /    \\\n                  NULL  pde(tun2)",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-40271"
    },
    {
      "cve": "CVE-2025-40278",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak\n\nFix a KMSAN kernel-infoleak detected  by the syzbot .\n\n[net?] KMSAN: kernel-infoleak in __skb_datagram_iter\n\nIn tcf_ife_dump(), the variable \u0027opt\u0027 was partially initialized using a\ndesignatied initializer. While the padding bytes are reamined\nuninitialized. nla_put() copies the entire structure into a\nnetlink message, these uninitialized bytes leaked to userspace.\n\nInitialize the structure with memset before assigning its fields\nto ensure all members and padding are cleared prior to beign copied.\n\nThis change silences the KMSAN report and prevents potential information\nleaks from the kernel memory.\n\nThis fix has been tested and validated by syzbot. This patch closes the\nbug reported at the following syzkaller link and ensures no infoleak.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-40278"
    },
    {
      "cve": "CVE-2025-40280",
      "cwe": {
        "id": "CWE-825",
        "name": "Expired Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Fix use-after-free in tipc_mon_reinit_self().\n\nsyzbot reported use-after-free of tipc_net(net)-\u003emonitors[]\nin tipc_mon_reinit_self(). [0]\n\nThe array is protected by RTNL, but tipc_mon_reinit_self()\niterates over it without RTNL.\n\ntipc_mon_reinit_self() is called from tipc_net_finalize(),\nwhich is always under RTNL except for tipc_net_finalize_work().\n\nLet\u0027s hold RTNL in tipc_net_finalize_work().\n\n[0]:\nBUG: KASAN: slab-use-after-free in __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\nBUG: KASAN: slab-use-after-free in _raw_spin_lock_irqsave+0xa7/0xf0 kernel/locking/spinlock.c:162\nRead of size 1 at addr ffff88805eae1030 by task kworker/0:7/5989\n\nCPU: 0 UID: 0 PID: 5989 Comm: kworker/0:7 Not tainted syzkaller #0 PREEMPT_{RT,(full)}\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025\nWorkqueue: events tipc_net_finalize_work\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x240 mm/kasan/report.c:482\n kasan_report+0x118/0x150 mm/kasan/report.c:595\n __kasan_check_byte+0x2a/0x40 mm/kasan/common.c:568\n kasan_check_byte include/linux/kasan.h:399 [inline]\n lock_acquire+0x8d/0x360 kernel/locking/lockdep.c:5842\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0xa7/0xf0 kernel/locking/spinlock.c:162\n rtlock_slowlock kernel/locking/rtmutex.c:1894 [inline]\n rwbase_rtmutex_lock_state kernel/locking/spinlock_rt.c:160 [inline]\n rwbase_write_lock+0xd3/0x7e0 kernel/locking/rwbase_rt.c:244\n rt_write_lock+0x76/0x110 kernel/locking/spinlock_rt.c:243\n write_lock_bh include/linux/rwlock_rt.h:99 [inline]\n tipc_mon_reinit_self+0x79/0x430 net/tipc/monitor.c:718\n tipc_net_finalize+0x115/0x190 net/tipc/net.c:140\n process_one_work kernel/workqueue.c:3236 [inline]\n process_scheduled_works+0xade/0x17b0 kernel/workqueue.c:3319\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3400\n kthread+0x70e/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x439/0x7d0 arch/x86/kernel/process.c:148\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n\nAllocated by task 6089:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:388 [inline]\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:405\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x1a8/0x320 mm/slub.c:4407\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1039 [inline]\n tipc_mon_create+0xc3/0x4d0 net/tipc/monitor.c:657\n tipc_enable_bearer net/tipc/bearer.c:357 [inline]\n __tipc_nl_bearer_enable+0xe16/0x13f0 net/tipc/bearer.c:1047\n __tipc_nl_compat_doit net/tipc/netlink_compat.c:371 [inline]\n tipc_nl_compat_doit+0x3bc/0x5f0 net/tipc/netlink_compat.c:393\n tipc_nl_compat_handle net/tipc/netlink_compat.c:-1 [inline]\n tipc_nl_compat_recv+0x83c/0xbe0 net/tipc/netlink_compat.c:1321\n genl_family_rcv_msg_doit+0x215/0x300 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x60e/0x790 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x208/0x470 net/netlink/af_netlink.c:2552\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1320 [inline]\n netlink_unicast+0x846/0xa10 net/netlink/af_netlink.c:1346\n netlink_sendmsg+0x805/0xb30 net/netlink/af_netlink.c:1896\n sock_sendmsg_nosec net/socket.c:714 [inline]\n __sock_sendmsg+0x21c/0x270 net/socket.c:729\n ____sys_sendmsg+0x508/0x820 net/socket.c:2614\n ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2668\n __sys_sendmsg net/socket.c:2700 [inline]\n __do_sys_sendmsg net/socket.c:2705 [inline]\n __se_sys_sendmsg net/socket.c:2703 [inline]\n __x64_sys_sendmsg+0x1a1/0x260 net/socket.c:2703\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/\n---truncated---",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-40280"
    },
    {
      "cve": "CVE-2025-40281",
      "cwe": {
        "id": "CWE-1335",
        "name": "Incorrect Bitwise Shift of Integer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto\n\nsyzbot reported a possible shift-out-of-bounds [1]\n\nBlamed commit added rto_alpha_max and rto_beta_max set to 1000.\n\nIt is unclear if some sctp users are setting very large rto_alpha\nand/or rto_beta.\n\nIn order to prevent user regression, perform the test at run time.\n\nAlso add READ_ONCE() annotations as sysctl values can change under us.\n\n[1]\n\nUBSAN: shift-out-of-bounds in net/sctp/transport.c:509:41\nshift exponent 64 is too large for 32-bit type \u0027unsigned int\u0027\nCPU: 0 UID: 0 PID: 16704 Comm: syz.2.2320 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025\nCall Trace:\n \u003cTASK\u003e\n  __dump_stack lib/dump_stack.c:94 [inline]\n  dump_stack_lvl+0x16c/0x1f0 lib/dump_stack.c:120\n  ubsan_epilogue lib/ubsan.c:233 [inline]\n  __ubsan_handle_shift_out_of_bounds+0x27f/0x420 lib/ubsan.c:494\n  sctp_transport_update_rto.cold+0x1c/0x34b net/sctp/transport.c:509\n  sctp_check_transmitted+0x11c4/0x1c30 net/sctp/outqueue.c:1502\n  sctp_outq_sack+0x4ef/0x1b20 net/sctp/outqueue.c:1338\n  sctp_cmd_process_sack net/sctp/sm_sideeffect.c:840 [inline]\n  sctp_cmd_interpreter net/sctp/sm_sideeffect.c:1372 [inline]",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-40281"
    },
    {
      "cve": "CVE-2025-40345",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: storage: sddr55: Reject out-of-bound new_pba\r\n\r\nDiscovered by Atuin - Automated Vulnerability Discovery Engine.\r\n\r\nnew_pba comes from the status packet returned after each write.\r\nA bogus device could report values beyond the block count derived\r\nfrom info-\u003ecapacity, letting the driver walk off the end of\r\npba_to_lba[] and corrupt heap memory.\r\n\r\nReject PBAs that exceed the computed block count and fail the\r\ntransfer so we avoid touching out-of-range mapping entries.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-40345"
    },
    {
      "cve": "CVE-2025-46394",
      "cwe": {
        "id": "CWE-451",
        "name": "User Interface (UI) Misrepresentation of Critical Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.2,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-46394"
    },
    {
      "cve": "CVE-2025-49794",
      "cwe": {
        "id": "CWE-825",
        "name": "Expired Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-49794"
    },
    {
      "cve": "CVE-2025-49795",
      "cwe": {
        "id": "CWE-825",
        "name": "Expired Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-49795"
    },
    {
      "cve": "CVE-2025-49796",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-49796"
    },
    {
      "cve": "CVE-2025-60876",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "summary",
          "text": "BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target (path/query), allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw space (0x20) in the request-target must also be rejected (clients should use %20).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-60876"
    },
    {
      "cve": "CVE-2025-66035",
      "cwe": {
        "id": "CWE-201",
        "name": "Insertion of Sensitive Information Into Sent Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular\u0027s HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-66035"
    },
    {
      "cve": "CVE-2025-66382",
      "cwe": {
        "id": "CWE-407",
        "name": "Inefficient Algorithmic Complexity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-66382"
    },
    {
      "cve": "CVE-2025-66412",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler\u0027s internal security schema is incomplete, allowing attackers to bypass Angular\u0027s built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-66412"
    },
    {
      "cve": "CVE-2025-69720",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-69720"
    },
    {
      "cve": "CVE-2025-71185",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndmaengine: ti: dma-crossbar: fix device leak on am335x route allocation\r\n\r\nMake sure to drop the reference taken when looking up the crossbar\r\nplatform device during am335x route allocation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-71185"
    },
    {
      "cve": "CVE-2025-71186",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndmaengine: stm32: dmamux: fix device leak on route allocation\r\n\r\nMake sure to drop the reference taken when looking up the DMA mux\r\nplatform device during route allocation.\r\n\r\nNote that holding a reference to a device does not prevent its driver\r\ndata from going away so there is no point in keeping the reference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-71186"
    },
    {
      "cve": "CVE-2025-71188",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndmaengine: lpc18xx-dmamux: fix device leak on route allocation\r\n\r\nMake sure to drop the reference taken when looking up the DMA mux\r\nplatform device during route allocation.\r\n\r\nNote that holding a reference to a device does not prevent its driver\r\ndata from going away so there is no point in keeping the reference.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-71188"
    },
    {
      "cve": "CVE-2025-71189",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndmaengine: dw: dmamux: fix OF node leak on route allocation failure\r\n\r\nMake sure to drop the reference taken to the DMA master OF node also on\r\nlate route allocation failures.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-71189"
    },
    {
      "cve": "CVE-2025-71190",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndmaengine: bcm-sba-raid: fix device leak on probe\r\n\r\nMake sure to drop the reference taken when looking up the mailbox device\r\nduring probe on probe failures and on driver unbind.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-71190"
    },
    {
      "cve": "CVE-2025-71191",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndmaengine: at_hdmac: fix device leak on of_dma_xlate()\r\n\r\nMake sure to drop the reference taken when looking up the DMA platform\r\ndevice during of_dma_xlate() when releasing channel resources.\r\n\r\nNote that commit 3832b78b3ec2 (\"dmaengine: at_hdmac: add missing\r\nput_device() call in at_dma_xlate()\") fixed the leak in a couple of\r\nerror paths but the reference is still leaking on successful allocation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-71191"
    },
    {
      "cve": "CVE-2026-1484",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrusted or extremely large Base64 input using GLib may crash or behave unpredictably.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-1484"
    },
    {
      "cve": "CVE-2026-1489",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds writes. This could cause applications utilizing GLib for string conversion to crash or become unstable.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-1489"
    },
    {
      "cve": "CVE-2026-3784",
      "cwe": {
        "id": "CWE-305",
        "name": "Authentication Bypass by Primary Weakness"
      },
      "notes": [
        {
          "category": "summary",
          "text": "curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a\nserver, even if the new request uses different credentials for the HTTP proxy.\nThe proper behavior is to create or use a separate connection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-3784"
    },
    {
      "cve": "CVE-2026-22610",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting (XSS) vulnerability has been identified in the Angular Template Compiler. The vulnerability exists because Angular\u2019s internal sanitization schema fails to recognize the href and xlink:href attributes of SVG \u003cscript\u003e elements as a Resource URL context. This issue has been patched in versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-22610"
    },
    {
      "cve": "CVE-2026-22976",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset\r\n\r\n`qfq_class-\u003eleaf_qdisc-\u003eq.qlen \u003e 0` does not imply that the class\r\nitself is active.\r\n\r\nTwo qfq_class objects may point to the same leaf_qdisc. This happens\r\nwhen:\r\n\r\n1. one QFQ qdisc is attached to the dev as the root qdisc, and\r\n\r\n2. another QFQ qdisc is temporarily referenced (e.g., via qdisc_get()\r\n/ qdisc_put()) and is pending to be destroyed, as in function\r\ntc_new_tfilter.\r\n\r\nWhen packets are enqueued through the root QFQ qdisc, the shared\r\nleaf_qdisc-\u003eq.qlen increases. At the same time, the second QFQ\r\nqdisc triggers qdisc_put and qdisc_destroy: the qdisc enters\r\nqfq_reset() with its own q-\u003eq.qlen == 0, but its class\u0027s leaf\r\nqdisc-\u003eq.qlen \u003e 0. Therefore, the qfq_reset would wrongly deactivate\r\nan inactive aggregate and trigger a null-deref in qfq_deactivate_agg:\r\n\r\n[    0.903172] BUG: kernel NULL pointer dereference, address: 0000000000000000\r\n[    0.903571] #PF: supervisor write access in kernel mode\r\n[    0.903860] #PF: error_code(0x0002) - not-present page\r\n[    0.904177] PGD 10299b067 P4D 10299b067 PUD 10299c067 PMD 0\r\n[    0.904502] Oops: Oops: 0002 [#1] SMP NOPTI\r\n[    0.904737] CPU: 0 UID: 0 PID: 135 Comm: exploit Not tainted 6.19.0-rc3+ #2 NONE\r\n[    0.905157] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.17.0-0-gb52ca86e094d-prebuilt.qemu.org 04/01/2014\r\n[    0.905754] RIP: 0010:qfq_deactivate_agg (include/linux/list.h:992 (discriminator 2) include/linux/list.h:1006 (discriminator 2) net/sched/sch_qfq.c:1367 (discriminator 2) net/sched/sch_qfq.c:1393 (discriminator 2))\r\n[    0.906046] Code: 0f 84 4d 01 00 00 48 89 70 18 8b 4b 10 48 c7 c2 ff ff ff ff 48 8b 78 08 48 d3 e2 48 21 f2 48 2b 13 48 8b 30 48 d3 ea 8b 4b 18 0\r\n\r\nCode starting with the faulting instruction\r\n===========================================\r\n   0:\t0f 84 4d 01 00 00    \tje     0x153\r\n   6:\t48 89 70 18          \tmov    %rsi,0x18(%rax)\r\n   a:\t8b 4b 10             \tmov    0x10(%rbx),%ecx\r\n   d:\t48 c7 c2 ff ff ff ff \tmov    $0xffffffffffffffff,%rdx\r\n  14:\t48 8b 78 08          \tmov    0x8(%rax),%rdi\r\n  18:\t48 d3 e2             \tshl    %cl,%rdx\r\n  1b:\t48 21 f2             \tand    %rsi,%rdx\r\n  1e:\t48 2b 13             \tsub    (%rbx),%rdx\r\n  21:\t48 8b 30             \tmov    (%rax),%rsi\r\n  24:\t48 d3 ea             \tshr    %cl,%rdx\r\n  27:\t8b 4b 18             \tmov    0x18(%rbx),%ecx\r\n\t...\r\n[    0.907095] RSP: 0018:ffffc900004a39a0 EFLAGS: 00010246\r\n[    0.907368] RAX: ffff8881043a0880 RBX: ffff888102953340 RCX: 0000000000000000\r\n[    0.907723] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\r\n[    0.908100] RBP: ffff888102952180 R08: 0000000000000000 R09: 0000000000000000\r\n[    0.908451] R10: ffff8881043a0000 R11: 0000000000000000 R12: ffff888102952000\r\n[    0.908804] R13: ffff888102952180 R14: ffff8881043a0ad8 R15: ffff8881043a0880\r\n[    0.909179] FS:  000000002a1a0380(0000) GS:ffff888196d8d000(0000) knlGS:0000000000000000\r\n[    0.909572] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\r\n[    0.909857] CR2: 0000000000000000 CR3: 0000000102993002 CR4: 0000000000772ef0\r\n[    0.910247] PKRU: 55555554\r\n[    0.910391] Call Trace:\r\n[    0.910527]  \u003cTASK\u003e\r\n[    0.910638]  qfq_reset_qdisc (net/sched/sch_qfq.c:357 net/sched/sch_qfq.c:1485)\r\n[    0.910826]  qdisc_reset (include/linux/skbuff.h:2195 include/linux/skbuff.h:2501 include/linux/skbuff.h:3424 include/linux/skbuff.h:3430 net/sched/sch_generic.c:1036)\r\n[    0.911040]  __qdisc_destroy (net/sched/sch_generic.c:1076)\r\n[    0.911236]  tc_new_tfilter (net/sched/cls_api.c:2447)\r\n[    0.911447]  rtnetlink_rcv_msg (net/core/rtnetlink.c:6958)\r\n[    0.911663]  ? __pfx_rtnetlink_rcv_msg (net/core/rtnetlink.c:6861)\r\n[    0.911894]  netlink_rcv_skb (net/netlink/af_netlink.c:2550)\r\n[    0.912100]  netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344)\r\n[    0.912296]  ? __alloc_skb (net/core/skbuff.c:706)\r\n[    0.912484]  netlink_sendmsg (net/netlink/af\r\n---truncated---",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-22976"
    },
    {
      "cve": "CVE-2026-22977",
      "cwe": {
        "id": "CWE-489",
        "name": "Active Debug Code"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: sock: fix hardened usercopy panic in sock_recv_errqueue\r\n\r\nskbuff_fclone_cache was created without defining a usercopy region,\r\n[1] unlike skbuff_head_cache which properly whitelists the cb[] field.\r\n[2] This causes a usercopy BUG() when CONFIG_HARDENED_USERCOPY is\r\nenabled and the kernel attempts to copy sk_buff.cb data to userspace\r\nvia sock_recv_errqueue() -\u003e put_cmsg().\r\n\r\nThe crash occurs when: 1. TCP allocates an skb using alloc_skb_fclone()\r\n   (from skbuff_fclone_cache) [1]\r\n2. The skb is cloned via skb_clone() using the pre-allocated fclone\r\n[3] 3. The cloned skb is queued to sk_error_queue for timestamp\r\nreporting 4. Userspace reads the error queue via recvmsg(MSG_ERRQUEUE)\r\n5. sock_recv_errqueue() calls put_cmsg() to copy serr-\u003eee from skb-\u003ecb\r\n[4] 6. __check_heap_object() fails because skbuff_fclone_cache has no\r\n   usercopy whitelist [5]\r\n\r\nWhen cloned skbs allocated from skbuff_fclone_cache are used in the\r\nsocket error queue, accessing the sock_exterr_skb structure in skb-\u003ecb\r\nvia put_cmsg() triggers a usercopy hardening violation:\r\n\r\n[    5.379589] usercopy: Kernel memory exposure attempt detected from SLUB object \u0027skbuff_fclone_cache\u0027 (offset 296, size 16)!\r\n[    5.382796] kernel BUG at mm/usercopy.c:102!\r\n[    5.383923] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\r\n[    5.384903] CPU: 1 UID: 0 PID: 138 Comm: poc_put_cmsg Not tainted 6.12.57 #7\r\n[    5.384903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\r\n[    5.384903] RIP: 0010:usercopy_abort+0x6c/0x80\r\n[    5.384903] Code: 1a 86 51 48 c7 c2 40 15 1a 86 41 52 48 c7 c7 c0 15 1a 86 48 0f 45 d6 48 c7 c6 80 15 1a 86 48 89 c1 49 0f 45 f3 e8 84 27 88 ff \u003c0f\u003e 0b 490\r\n[    5.384903] RSP: 0018:ffffc900006f77a8 EFLAGS: 00010246\r\n[    5.384903] RAX: 000000000000006f RBX: ffff88800f0ad2a8 RCX: 1ffffffff0f72e74\r\n[    5.384903] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff87b973a0\r\n[    5.384903] RBP: 0000000000000010 R08: 0000000000000000 R09: fffffbfff0f72e74\r\n[    5.384903] R10: 0000000000000003 R11: 79706f6372657375 R12: 0000000000000001\r\n[    5.384903] R13: ffff88800f0ad2b8 R14: ffffea00003c2b40 R15: ffffea00003c2b00\r\n[    5.384903] FS:  0000000011bc4380(0000) GS:ffff8880bf100000(0000) knlGS:0000000000000000\r\n[    5.384903] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\r\n[    5.384903] CR2: 000056aa3b8e5fe4 CR3: 000000000ea26004 CR4: 0000000000770ef0\r\n[    5.384903] PKRU: 55555554\r\n[    5.384903] Call Trace:\r\n[    5.384903]  \u003cTASK\u003e\r\n[    5.384903]  __check_heap_object+0x9a/0xd0\r\n[    5.384903]  __check_object_size+0x46c/0x690\r\n[    5.384903]  put_cmsg+0x129/0x5e0\r\n[    5.384903]  sock_recv_errqueue+0x22f/0x380\r\n[    5.384903]  tls_sw_recvmsg+0x7ed/0x1960\r\n[    5.384903]  ? srso_alias_return_thunk+0x5/0xfbef5\r\n[    5.384903]  ? schedule+0x6d/0x270\r\n[    5.384903]  ? srso_alias_return_thunk+0x5/0xfbef5\r\n[    5.384903]  ? mutex_unlock+0x81/0xd0\r\n[    5.384903]  ? __pfx_mutex_unlock+0x10/0x10\r\n[    5.384903]  ? __pfx_tls_sw_recvmsg+0x10/0x10\r\n[    5.384903]  ? _raw_spin_lock_irqsave+0x8f/0xf0\r\n[    5.384903]  ? _raw_read_unlock_irqrestore+0x20/0x40\r\n[    5.384903]  ? srso_alias_return_thunk+0x5/0xfbef5\r\n\r\nThe crash offset 296 corresponds to skb2-\u003ecb within skbuff_fclones:\r\n  - sizeof(struct sk_buff) = 232 - offsetof(struct sk_buff, cb) = 40 -\r\n  offset of skb2.cb in fclones = 232 + 40 = 272 - crash offset 296 =\r\n  272 + 24 (inside sock_exterr_skb.ee)\r\n\r\nThis patch uses a local stack variable as a bounce buffer to avoid the hardened usercopy check failure.\r\n\r\n[1] https://elixir.bootlin.com/linux/v6.12.62/source/net/ipv4/tcp.c#L885\r\n[2] https://elixir.bootlin.com/linux/v6.12.62/source/net/core/skbuff.c#L5104\r\n[3] https://elixir.bootlin.com/linux/v6.12.62/source/net/core/skbuff.c#L5566\r\n[4] https://elixir.bootlin.com/linux/v6.12.62/source/net/core/skbuff.c#L5491\r\n[5] https://elixir.bootlin.com/linux/v6.12.62/source/mm/slub.c#L5719",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-22977"
    },
    {
      "cve": "CVE-2026-23025",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmm/page_alloc: prevent pcp corruption with SMP=n\r\n\r\nThe kernel test robot has reported:\r\n\r\n BUG: spinlock trylock failure on UP on CPU#0, kcompactd0/28\r\n  lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd0/28, .owner_cpu: 0\r\n CPU: 0 UID: 0 PID: 28 Comm: kcompactd0 Not tainted 6.18.0-rc5-00127-ga06157804399 #1 PREEMPT  8cc09ef94dcec767faa911515ce9e609c45db470\r\n Call Trace:\r\n  \u003cIRQ\u003e\r\n  __dump_stack (lib/dump_stack.c:95)\r\n  dump_stack_lvl (lib/dump_stack.c:123)\r\n  dump_stack (lib/dump_stack.c:130)\r\n  spin_dump (kernel/locking/spinlock_debug.c:71)\r\n  do_raw_spin_trylock (kernel/locking/spinlock_debug.c:?)\r\n  _raw_spin_trylock (include/linux/spinlock_api_smp.h:89 kernel/locking/spinlock.c:138)\r\n  __free_frozen_pages (mm/page_alloc.c:2973)\r\n  ___free_pages (mm/page_alloc.c:5295)\r\n  __free_pages (mm/page_alloc.c:5334)\r\n  tlb_remove_table_rcu (include/linux/mm.h:? include/linux/mm.h:3122 include/asm-generic/tlb.h:220 mm/mmu_gather.c:227 mm/mmu_gather.c:290)\r\n  ? __cfi_tlb_remove_table_rcu (mm/mmu_gather.c:289)\r\n  ? rcu_core (kernel/rcu/tree.c:?)\r\n  rcu_core (include/linux/rcupdate.h:341 kernel/rcu/tree.c:2607 kernel/rcu/tree.c:2861)\r\n  rcu_core_si (kernel/rcu/tree.c:2879)\r\n  handle_softirqs (arch/x86/include/asm/jump_label.h:36 include/trace/events/irq.h:142 kernel/softirq.c:623)\r\n  __irq_exit_rcu (arch/x86/include/asm/jump_label.h:36 kernel/softirq.c:725)\r\n  irq_exit_rcu (kernel/softirq.c:741)\r\n  sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1052)\r\n  \u003c/IRQ\u003e\r\n  \u003cTASK\u003e\r\n RIP: 0010:_raw_spin_unlock_irqrestore (arch/x86/include/asm/preempt.h:95 include/linux/spinlock_api_smp.h:152 kernel/locking/spinlock.c:194)\r\n  free_pcppages_bulk (mm/page_alloc.c:1494)\r\n  drain_pages_zone (include/linux/spinlock.h:391 mm/page_alloc.c:2632)\r\n  __drain_all_pages (mm/page_alloc.c:2731)\r\n  drain_all_pages (mm/page_alloc.c:2747)\r\n  kcompactd (mm/compaction.c:3115)\r\n  kthread (kernel/kthread.c:465)\r\n  ? __cfi_kcompactd (mm/compaction.c:3166)\r\n  ? __cfi_kthread (kernel/kthread.c:412)\r\n  ret_from_fork (arch/x86/kernel/process.c:164)\r\n  ? __cfi_kthread (kernel/kthread.c:412)\r\n  ret_from_fork_asm (arch/x86/entry/entry_64.S:255)\r\n  \u003c/TASK\u003e\r\n\r\nMatthew has analyzed the report and identified that in drain_page_zone()\r\nwe are in a section protected by spin_lock(\u0026pcp-\u003elock) and then get an\r\ninterrupt that attempts spin_trylock() on the same lock.  The code is\r\ndesigned to work this way without disabling IRQs and occasionally fail the\r\ntrylock with a fallback.  However, the SMP=n spinlock implementation\r\nassumes spin_trylock() will always succeed, and thus it\u0027s normally a\r\nno-op.  Here the enabled lock debugging catches the problem, but otherwise\r\nit could cause a corruption of the pcp structure.\r\n\r\nThe problem has been introduced by commit 574907741599 (\"mm/page_alloc:\r\nleave IRQs enabled for per-cpu page allocations\").  The pcp locking scheme\r\nrecognizes the need for disabling IRQs to prevent nesting spin_trylock()\r\nsections on SMP=n, but the need to prevent the nesting in spin_lock() has\r\nnot been recognized.  Fix it by introducing local wrappers that change the\r\nspin_lock() to spin_lock_iqsave() with SMP=n and use them in all places\r\nthat do spin_lock(\u0026pcp-\u003elock).\r\n\r\n[vbabka@suse.cz: add pcp_ prefix to the spin_lock_irqsave wrappers, per Steven]",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-23025"
    },
    {
      "cve": "CVE-2026-23026",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config()\r\n\r\nFix a memory leak in gpi_peripheral_config() where the original memory\r\npointed to by gchan-\u003econfig could be lost if krealloc() fails.\r\n\r\nThe issue occurs when:\r\n1. gchan-\u003econfig points to previously allocated memory\r\n2. krealloc() fails and returns NULL\r\n3. The function directly assigns NULL to gchan-\u003econfig, losing the\r\n   reference to the original memory\r\n4. The original memory becomes unreachable and cannot be freed\r\n\r\nFix this by using a temporary variable to hold the krealloc() result\r\nand only updating gchan-\u003econfig when the allocation succeeds.\r\n\r\nFound via static analysis and code review.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-23026"
    },
    {
      "cve": "CVE-2026-23030",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nphy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe()\r\n\r\nThe for_each_available_child_of_node() calls of_node_put() to\r\nrelease child_np in each success loop. After breaking from the\r\nloop with the child_np has been released, the code will jump to\r\nthe put_child label and will call the of_node_put() again if the\r\ndevm_request_threaded_irq() fails. These cause a double free bug.\r\n\r\nFix by returning directly to avoid the duplicate of_node_put().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-23030"
    },
    {
      "cve": "CVE-2026-23031",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ncan: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak\r\n\r\nIn gs_can_open(), the URBs for USB-in transfers are allocated, added to the\r\nparent-\u003erx_submitted anchor and submitted. In the complete callback\r\ngs_usb_receive_bulk_callback(), the URB is processed and resubmitted. In\r\ngs_can_close() the URBs are freed by calling\r\nusb_kill_anchored_urbs(parent-\u003erx_submitted).\r\n\r\nHowever, this does not take into account that the USB framework unanchors\r\nthe URB before the complete function is called. This means that once an\r\nin-URB has been completed, it is no longer anchored and is ultimately not\r\nreleased in gs_can_close().\r\n\r\nFix the memory leak by anchoring the URB in the\r\ngs_usb_receive_bulk_callback() to the parent-\u003erx_submitted anchor.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-23031"
    },
    {
      "cve": "CVE-2026-23032",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnull_blk: fix kmemleak by releasing references to fault configfs items\r\n\r\nWhen CONFIG_BLK_DEV_NULL_BLK_FAULT_INJECTION is enabled, the null-blk\r\ndriver sets up fault injection support by creating the timeout_inject,\r\nrequeue_inject, and init_hctx_fault_inject configfs items as children\r\nof the top-level nullbX configfs group.\r\n\r\nHowever, when the nullbX device is removed, the references taken to\r\nthese fault-config configfs items are not released. As a result,\r\nkmemleak reports a memory leak, for example:\r\n\r\nunreferenced object 0xc00000021ff25c40 (size 32):\r\n  comm \"mkdir\", pid 10665, jiffies 4322121578\r\n  hex dump (first 32 bytes):\r\n    69 6e 69 74 5f 68 63 74 78 5f 66 61 75 6c 74 5f  init_hctx_fault_\r\n    69 6e 6a 65 63 74 00 88 00 00 00 00 00 00 00 00  inject..........\r\n  backtrace (crc 1a018c86):\r\n    __kmalloc_node_track_caller_noprof+0x494/0xbd8\r\n    kvasprintf+0x74/0xf4\r\n    config_item_set_name+0xf0/0x104\r\n    config_group_init_type_name+0x48/0xfc\r\n    fault_config_init+0x48/0xf0\r\n    0xc0080000180559e4\r\n    configfs_mkdir+0x304/0x814\r\n    vfs_mkdir+0x49c/0x604\r\n    do_mkdirat+0x314/0x3d0\r\n    sys_mkdir+0xa0/0xd8\r\n    system_call_exception+0x1b0/0x4f0\r\n    system_call_vectored_common+0x15c/0x2ec\r\n\r\nFix this by explicitly releasing the references to the fault-config\r\nconfigfs items when dropping the reference to the top-level nullbX\r\nconfigfs group.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-23032"
    },
    {
      "cve": "CVE-2026-23033",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndmaengine: omap-dma: fix dma_pool resource leak in error paths\r\n\r\nThe dma_pool created by dma_pool_create() is not destroyed when\r\ndma_async_device_register() or of_dma_controller_register() fails,\r\ncausing a resource leak in the probe error paths.\r\n\r\nAdd dma_pool_destroy() in both error paths to properly release the\r\nallocated dma_pool resource.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-23033"
    },
    {
      "cve": "CVE-2026-23037",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ncan: etas_es58x: allow partial RX URB allocation to succeed\r\n\r\nWhen es58x_alloc_rx_urbs() fails to allocate the requested number of\r\nURBs but succeeds in allocating some, it returns an error code.\r\nThis causes es58x_open() to return early, skipping the cleanup label\r\n\u0027free_urbs\u0027, which leads to the anchored URBs being leaked.\r\n\r\nAs pointed out by maintainer Vincent Mailhol, the driver is designed\r\nto handle partial URB allocation gracefully. Therefore, partial\r\nallocation should not be treated as a fatal error.\r\n\r\nModify es58x_alloc_rx_urbs() to return 0 if at least one URB has been\r\nallocated, restoring the intended behavior and preventing the leak\r\nin es58x_open().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-23037"
    },
    {
      "cve": "CVE-2026-23038",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\npnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node()\r\n\r\nIn nfs4_ff_alloc_deviceid_node(), if the allocation for ds_versions fails,\r\nthe function jumps to the out_scratch label without freeing the already\r\nallocated dsaddrs list, leading to a memory leak.\r\n\r\nFix this by jumping to the out_err_drain_dsaddrs label, which properly\r\nfrees the dsaddrs list before cleaning up other resources.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-23038"
    },
    {
      "cve": "CVE-2026-23111",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate()\n\nnft_map_catchall_activate() has an inverted element activity check\ncompared to its non-catchall counterpart nft_mapelem_activate() and\ncompared to what is logically required.\n\nnft_map_catchall_activate() is called from the abort path to re-activate\ncatchall map elements that were deactivated during a failed transaction.\nIt should skip elements that are already active (they don\u0027t need\nre-activation) and process elements that are inactive (they need to be\nrestored). Instead, the current code does the opposite: it skips inactive\nelements and processes active ones.\n\nCompare the non-catchall activate callback, which is correct:\n\n  nft_mapelem_activate():\n    if (nft_set_elem_active(ext, iter-\u003egenmask))\n        return 0;   /* skip active, process inactive */\n\nWith the buggy catchall version:\n\n  nft_map_catchall_activate():\n    if (!nft_set_elem_active(ext, genmask))\n        continue;   /* skip inactive, process active */\n\nThe consequence is that when a DELSET operation is aborted,\nnft_setelem_data_activate() is never called for the catchall element.\nFor NFT_GOTO verdict elements, this means nft_data_hold() is never\ncalled to restore the chain-\u003euse reference count. Each abort cycle\npermanently decrements chain-\u003euse. Once chain-\u003euse reaches zero,\nDELCHAIN succeeds and frees the chain while catchall verdict elements\nstill reference it, resulting in a use-after-free.\n\nThis is exploitable for local privilege escalation from an unprivileged\nuser via user namespaces + nftables on distributions that enable\nCONFIG_USER_NS and CONFIG_NF_TABLES.\n\nFix by removing the negation so the check matches nft_mapelem_activate():\nskip active elements, process inactive ones.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-23111"
    },
    {
      "cve": "CVE-2026-23112",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec\n\nnvmet_tcp_build_pdu_iovec() could walk past cmd-\u003ereq.sg when a PDU\nlength or offset exceeds sg_cnt and then use bogus sg-\u003elength/offset\nvalues, leading to _copy_to_iter() GPF/KASAN. Guard sg_idx, remaining\nentries, and sg-\u003elength/offset before building the bvec.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-23112"
    },
    {
      "cve": "CVE-2026-23220",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths\r\n\r\nThe problem occurs when a signed request fails smb2 signature verification\r\ncheck. In __process_request(), if check_sign_req() returns an error,\r\nset_smb2_rsp_status(work, STATUS_ACCESS_DENIED) is called.\r\nset_smb2_rsp_status() set work-\u003enext_smb2_rcv_hdr_off as zero. By resetting\r\nnext_smb2_rcv_hdr_off to zero, the pointer to the next command in the chain\r\nis lost. Consequently, is_chained_smb2_message() continues to point to\r\nthe same request header instead of advancing. If the header\u0027s NextCommand\r\nfield is non-zero, the function returns true, causing __handle_ksmbd_work()\r\nto repeatedly process the same failed request in an infinite loop.\r\nThis results in the kernel log being flooded with \"bad smb2 signature\"\r\nmessages and high CPU usage.\r\n\r\nThis patch fixes the issue by changing the return value from\r\nSERVER_HANDLER_CONTINUE to SERVER_HANDLER_ABORT. This ensures that\r\nthe processing loop terminates immediately rather than attempting to\r\ncontinue from an invalidated offset.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-23220"
    },
    {
      "cve": "CVE-2026-23222",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly\n\nThe existing allocation of scatterlists in omap_crypto_copy_sg_lists()\nwas allocating an array of scatterlist pointers, not scatterlist objects,\nresulting in a 4x too small allocation.\n\nUse sizeof(*new_sg) to get the correct object size.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-23222"
    },
    {
      "cve": "CVE-2026-23228",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nsmb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection()\r\n\r\nOn kthread_run() failure in ksmbd_tcp_new_connection(), the transport is\r\nfreed via free_transport(), which does not decrement active_num_conn,\r\nleaking this counter.\r\n\r\nReplace free_transport() with ksmbd_tcp_disconnect().",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-23228"
    },
    {
      "cve": "CVE-2026-23229",
      "cwe": {
        "id": "CWE-820",
        "name": "Missing Synchronization"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ncrypto: virtio - Add spinlock protection with virtqueue notification\r\n\r\nWhen VM boots with one virtio-crypto PCI device and builtin backend,\r\nrun openssl benchmark command with multiple processes, such as\r\n  openssl speed -evp aes-128-cbc -engine afalg  -seconds 10 -multi 32\r\n\r\nopenssl processes will hangup and there is error reported like this:\r\n virtio_crypto virtio0: dataq.0:id 3 is not a head!\r\n\r\nIt seems that the data virtqueue need protection when it is handled\r\nfor virtio done notification. If the spinlock protection is added\r\nin virtcrypto_done_task(), openssl benchmark with multiple processes\r\nworks well.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-23229"
    },
    {
      "cve": "CVE-2026-23230",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: split cached_fid bitfields to avoid shared-byte RMW races\n\nis_open, has_lease and on_list are stored in the same bitfield byte in\nstruct cached_fid but are updated in different code paths that may run\nconcurrently. Bitfield assignments generate byte read\u2013modify\u2013write\noperations (e.g. `orb $mask, addr` on x86_64), so updating one flag can\nrestore stale values of the others.\n\nA possible interleaving is:\n    CPU1: load old byte (has_lease=1, on_list=1)\n    CPU2: clear both flags (store 0)\n    CPU1: RMW store (old | IS_OPEN) -\u003e reintroduces cleared bits\n\nTo avoid this class of races, convert these flags to separate bool\nfields.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-23230"
    },
    {
      "cve": "CVE-2026-23231",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fix use-after-free in nf_tables_addchain()\n\nnf_tables_addchain() publishes the chain to table-\u003echains via\nlist_add_tail_rcu() (in nft_chain_add()) before registering hooks.\nIf nf_tables_register_hook() then fails, the error path calls\nnft_chain_del() (list_del_rcu()) followed by nf_tables_chain_destroy()\nwith no RCU grace period in between.\n\nThis creates two use-after-free conditions:\n\n 1) Control-plane: nf_tables_dump_chains() traverses table-\u003echains\n    under rcu_read_lock(). A concurrent dump can still be walking\n    the chain when the error path frees it.\n\n 2) Packet path: for NFPROTO_INET, nf_register_net_hook() briefly\n    installs the IPv4 hook before IPv6 registration fails.  Packets\n    entering nft_do_chain() via the transient IPv4 hook can still be\n    dereferencing chain-\u003eblob_gen_X when the error path frees the\n    chain.\n\nAdd synchronize_rcu() between nft_chain_del() and the chain destroy\nso that all RCU readers -- both dump threads and in-flight packet\nevaluation -- have finished before the chain is freed.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-23231"
    },
    {
      "cve": "CVE-2026-23236",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: smscufx: properly copy ioctl memory to kernelspace\n\nThe UFX_IOCTL_REPORT_DAMAGE ioctl does not properly copy data from\nuserspace to kernelspace, and instead directly references the memory,\nwhich can cause problems if invalid data is passed from userspace.  Fix\nthis all up by correctly copying the memory before accessing it within\nthe kernel.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-23236"
    },
    {
      "cve": "CVE-2026-23238",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nromfs: check sb_set_blocksize() return value\r\n\r\nromfs_fill_super() ignores the return value of sb_set_blocksize(), which\r\ncan fail if the requested block size is incompatible with the block\r\ndevice\u0027s configuration.\r\n\r\nThis can be triggered by setting a loop device\u0027s block size larger than\r\nPAGE_SIZE using ioctl(LOOP_SET_BLOCK_SIZE, 32768), then mounting a romfs\r\nfilesystem on that device.\r\n\r\nWhen sb_set_blocksize(sb, ROMBSIZE) is called with ROMBSIZE=4096 but the\r\ndevice has logical_block_size=32768, bdev_validate_blocksize() fails\r\nbecause the requested size is smaller than the device\u0027s logical block\r\nsize. sb_set_blocksize() returns 0 (failure), but romfs ignores this and\r\ncontinues mounting.\r\n\r\nThe superblock\u0027s block size remains at the device\u0027s logical block size\r\n(32768). Later, when sb_bread() attempts I/O with this oversized block\r\nsize, it triggers a kernel BUG in folio_set_bh():\r\n\r\n    kernel BUG at fs/buffer.c:1582!\r\n    BUG_ON(size \u003e PAGE_SIZE);\r\n\r\nFix by checking the return value of sb_set_blocksize() and failing the\r\nmount with -EINVAL if it returns 0.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-23238"
    },
    {
      "cve": "CVE-2026-24515",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-24515"
    },
    {
      "cve": "CVE-2026-25210",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-25210"
    },
    {
      "cve": "CVE-2026-26157",
      "cwe": {
        "id": "CWE-73",
        "name": "External Control of File Name or Path"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities allows an attacker to craft malicious archives that when extracted, and under specific conditions, may write to files outside the intended directory. This can lead to arbitrary file overwrite, potentially enabling code execution through the modification of sensitive system files.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-26157"
    },
    {
      "cve": "CVE-2026-26158",
      "cwe": {
        "id": "CWE-73",
        "name": "External Control of File Name or Path"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by crafting a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can lead to privilege escalation, enabling an attacker to gain unauthorized access to critical system files.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-26158"
    },
    {
      "cve": "CVE-2026-35535",
      "cwe": {
        "id": "CWE-271",
        "name": "Privilege Dropping / Lowering Errors"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-35535"
    },
    {
      "cve": "CVE-2026-41918",
      "cwe": {
        "id": "CWE-525",
        "name": "Use of Web Browser Cache Containing Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data stored in the browser.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0 or later version",
          "product_ids": [
            "1"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/110002573/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-41918"
    }
  ]
}

SSA-485750

Vulnerability from csaf_siemens - Published: 2026-03-10 00:00 - Updated: 2026-03-10 00:00

Summary

SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800

Notes

Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Terms of Use: The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.

CVE-2024-29857

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2024-30171

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-203 - Observable Discrepancy

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2024-30172

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2024-41996

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-295 - Improper Certificate Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-6965

7.7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L

CWE-197 - Numeric Truncation Error

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-7783

8.7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

CWE-330 - Use of Insufficiently Random Values

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-9230

5.6 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-787 - Out-of-bounds Write

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-9232

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-9670

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-1333 - Inefficient Regular Expression Complexity

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-12816

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

CWE-436 - Interpretation Conflict

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-15284

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-58751

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-58752

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

CWE-23 - Relative Path Traversal

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-58754

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-62522

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-64718

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-64756

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-66030

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-66031

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-674 - Uncontrolled Recursion

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-66035

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CWE-201 - Insertion of Sensitive Information Into Sent Data

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-66412

8.0 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2025-69277

4.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

CWE-184 - Incomplete List of Disallowed Inputs

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

CVE-2026-22610

8.0 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SIDIS Prime Siemens / SIDIS Prime		vers:intdot/<4.0.800	Vendor Fix

References

2 references

URL	Category
https://cert-portal.siemens.com/productcert/html/…	self
https://cert-portal.siemens.com/productcert/csaf/…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "SIDIS Prime before V4.0.800 is affected by multiple vulnerabilities in the components OpenSSL, SQLite, and several Node.js packages as described below.\n\nSiemens has released a new version of SIDIS Prime and recommends to update to the latest version.",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "productcert@siemens.com",
      "name": "Siemens ProductCERT",
      "namespace": "https://www.siemens.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-485750.html"
      },
      {
        "category": "self",
        "summary": "SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-485750.json"
      }
    ],
    "title": "SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800",
    "tracking": {
      "current_release_date": "2026-03-10T00:00:00.000Z",
      "generator": {
        "engine": {
          "name": "Siemens ProductCERT CSAF Generator",
          "version": "1"
        }
      },
      "id": "SSA-485750",
      "initial_release_date": "2026-03-10T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2026-03-10T00:00:00.000Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        }
      ],
      "status": "interim",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:intdot/\u003c4.0.800",
                "product": {
                  "name": "SIDIS Prime",
                  "product_id": "1"
                }
              }
            ],
            "category": "product_name",
            "name": "SIDIS Prime"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-29857",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-29857"
    },
    {
      "cve": "CVE-2024-30171",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-30171"
    },
    {
      "cve": "CVE-2024-30172",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-30172"
    },
    {
      "cve": "CVE-2024-41996",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-41996"
    },
    {
      "cve": "CVE-2025-6965",
      "cwe": {
        "id": "CWE-197",
        "name": "Numeric Truncation Error"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-6965"
    },
    {
      "cve": "CVE-2025-7783",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js.\r\n\r\nThis issue affects form-data: \u003c 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-7783"
    },
    {
      "cve": "CVE-2025-9230",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code. Although the consequences of a successful exploit of this vulnerability could be severe, the probability that the attacker would be able to perform it is low. Besides, password based (PWRI) encryption support in CMS messages is very rarely used. For that reason the issue was assessed as Moderate severity according to our Security Policy. The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-9230"
    },
    {
      "cve": "CVE-2025-9232",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Issue summary: An application using the OpenSSL HTTP client API functions may\ntrigger an out-of-bounds read if the \u0027no_proxy\u0027 environment variable is set and\nthe host portion of the authority component of the HTTP URL is an IPv6 address.\n\nImpact summary: An out-of-bounds read can trigger a crash which leads to\nDenial of Service for an application.\n\nThe OpenSSL HTTP client API functions can be used directly by applications\nbut they are also used by the OCSP client functions and CMP (Certificate\nManagement Protocol) client implementation in OpenSSL. However the URLs used\nby these implementations are unlikely to be controlled by an attacker.\n\nIn this vulnerable code the out of bounds read can only trigger a crash.\nFurthermore the vulnerability requires an attacker-controlled URL to be\npassed from an application to the OpenSSL function and the user has to have\na \u0027no_proxy\u0027 environment variable set. For the aforementioned reasons the\nissue was assessed as Low severity.\n\nThe vulnerable code was introduced in the following patch releases:\n3.0.16, 3.1.8, 3.2.4, 3.3.3, 3.4.0 and 3.5.0.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the HTTP client implementation is outside the OpenSSL FIPS module\nboundary.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-9232"
    },
    {
      "cve": "CVE-2025-9670",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A security flaw has been discovered in mixmark-io turndown up to 7.2.1. This affects an unknown function of the file src/commonmark-rules.js. Performing manipulation results in inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-9670"
    },
    {
      "cve": "CVE-2025-12816",
      "cwe": {
        "id": "CWE-436",
        "name": "Interpretation Conflict"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-12816"
    },
    {
      "cve": "CVE-2025-15284",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Improper Input Validation vulnerability in qs (parse modules) allows HTTP DoS.This issue affects qs: \u003c 6.14.1.\n\n\nSummaryThe arrayLimit\u00a0option in qs does not enforce limits for bracket notation (a[]=1\u0026a[]=2), allowing attackers to cause denial-of-service via memory exhaustion. Applications using arrayLimit\u00a0for DoS protection are vulnerable.\n\nDetailsThe arrayLimit\u00a0option only checks limits for indexed notation (a[0]=1\u0026a[1]=2) but completely bypasses it for bracket notation (a[]=1\u0026a[]=2).\n\nVulnerable code\u00a0(lib/parse.js:159-162):\n\nif (root === \u0027[]\u0027 \u0026\u0026 options.parseArrays) {\n    obj = utils.combine([], leaf);  // No arrayLimit check\n}\n\n\n\n\n\nWorking code\u00a0(lib/parse.js:175):\n\nelse if (index \u003c= options.arrayLimit) {  // Limit checked here\n    obj = [];\n    obj[index] = leaf;\n}\n\n\n\n\n\nThe bracket notation handler at line 159 uses utils.combine([], leaf)\u00a0without validating against options.arrayLimit, while indexed notation at line 175 checks index \u003c= options.arrayLimit\u00a0before creating arrays.\n\nPoCTest 1 - Basic bypass:\n\nnpm install qs\n\n\n\n\n\nconst qs = require(\u0027qs\u0027);\nconst result = qs.parse(\u0027a[]=1\u0026a[]=2\u0026a[]=3\u0026a[]=4\u0026a[]=5\u0026a[]=6\u0027, { arrayLimit: 5 });\nconsole.log(result.a.length);  // Output: 6 (should be max 5)\n\n\n\n\n\nTest 2 - DoS demonstration:\n\nconst qs = require(\u0027qs\u0027);\nconst attack = \u0027a[]=\u0027 + Array(10000).fill(\u0027x\u0027).join(\u0027\u0026a[]=\u0027);\nconst result = qs.parse(attack, { arrayLimit: 100 });\nconsole.log(result.a.length);  // Output: 10000 (should be max 100)\n\n\n\n\n\nConfiguration:\n\n  *  arrayLimit: 5\u00a0(test 1) or arrayLimit: 100\u00a0(test 2)\n  *  Use bracket notation: a[]=value\u00a0(not indexed a[0]=value)\n\n\nImpactDenial of Service via memory exhaustion. Affects applications using qs.parse()\u00a0with user-controlled input and arrayLimit\u00a0for protection.\n\nAttack scenario:\n\n  *  Attacker sends HTTP request: GET /api/search?filters[]=x\u0026filters[]=x\u0026...\u0026filters[]=x\u00a0(100,000+ times)\n  *  Application parses with qs.parse(query, { arrayLimit: 100 })\n  *  qs ignores limit, parses all 100,000 elements into array\n  *  Server memory exhausted \u2192 application crashes or becomes unresponsive\n  *  Service unavailable for all users\nReal-world impact:\n\n  *  Single malicious request can crash server\n  *  No authentication required\n  *  Easy to automate and scale\n  *  Affects any endpoint parsing query strings with bracket notation",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-15284"
    },
    {
      "cve": "CVE-2025-58751",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Vite is a frontend tooling framework for JavaScript. Prior to versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20, files starting with the same name with the public directory were served bypassing the `server.fs` settings. Only apps that explicitly expose the Vite dev server to the network (using --host or `server.host` config option), use the public directory feature (enabled by default), and have a symlink in the public directory are affected. Versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20 fix the issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-58751"
    },
    {
      "cve": "CVE-2025-58752",
      "cwe": {
        "id": "CWE-23",
        "name": "Relative Path Traversal"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Vite is a frontend tooling framework for JavaScript. Prior to versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20, any HTML files on the machine were served regardless of the `server.fs` settings. Only apps that explicitly expose the Vite dev server to the network (using --host or server.host config option) and use `appType: \u0027spa\u0027` (default) or `appType: \u0027mpa\u0027` are affected. This vulnerability also affects the preview server. The preview server allowed HTML files not under the output directory to be served. Versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20 fix the issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-58752"
    },
    {
      "cve": "CVE-2025-58754",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Axios is a promise based HTTP client for the browser and Node.js. When Axios starting in version 0.28.0 and prior to versions 0.30.2 and 1.12.0 runs on Node.js and is given a URL with the `data:` scheme, it does not perform HTTP. Instead, its Node http adapter decodes the entire payload into memory (`Buffer`/`Blob`) and returns a synthetic 200 response. This path ignores `maxContentLength` / `maxBodyLength` (which only protect HTTP responses), so an attacker can supply a very large `data:` URI and cause the process to allocate unbounded memory and crash (DoS), even if the caller requested `responseType: \u0027stream\u0027`. Versions 0.30.2 and 1.12.0 contain a patch for the issue.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-58754"
    },
    {
      "cve": "CVE-2025-62522",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Vite is a frontend tooling framework for JavaScript. In versions from 2.9.18 to before 3.0.0, 3.2.9 to before 4.0.0, 4.5.3 to before 5.0.0, 5.2.6 to before 5.4.21, 6.0.0 to before 6.4.1, 7.0.0 to before 7.0.8, and 7.1.0 to before 7.1.11, files denied by server.fs.deny were sent if the URL ended with \\ when the dev server is running on Windows. Only apps explicitly exposing the Vite dev server to the network and running the dev server on Windows were affected. This issue has been patched in versions 5.4.21, 6.4.1, 7.0.8, and 7.1.11.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-62522"
    },
    {
      "cve": "CVE-2025-64718",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it\u0027s possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution (`__proto__`). All users who parse untrusted yaml documents may be impacted. The problem is patched in js-yaml 4.1.1 and 3.14.2. Users can protect against this kind of attack on the server by using `node --disable-proto=delete` or `deno` (in Deno, pollution protection is on by default).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-64718"
    },
    {
      "cve": "CVE-2025-64756",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c \u003ccommand\u003e \u003cpatterns\u003e are used, matched filenames are passed to a shell with shell: true, enabling shell metacharacters in filenames to trigger command injection and achieve arbitrary code execution under the user or CI account privileges. This issue has been patched in versions 10.5.0 and 11.1.0.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-64756"
    },
    {
      "cve": "CVE-2025-66030",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-66030"
    },
    {
      "cve": "CVE-2025-66031",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-66031"
    },
    {
      "cve": "CVE-2025-66035",
      "cwe": {
        "id": "CWE-201",
        "name": "Insertion of Sensitive Information Into Sent Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular\u0027s HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-66035"
    },
    {
      "cve": "CVE-2025-66412",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler\u0027s internal security schema is incomplete, allowing attackers to bypass Angular\u0027s built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-66412"
    },
    {
      "cve": "CVE-2025-69277",
      "cwe": {
        "id": "CWE-184",
        "name": "Incomplete List of Disallowed Inputs"
      },
      "notes": [
        {
          "category": "summary",
          "text": "libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren\u0027t in the main cryptographic group.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2025-69277"
    },
    {
      "cve": "CVE-2026-22610",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting (XSS) vulnerability has been identified in the Angular Template Compiler. The vulnerability exists because Angular\u2019s internal sanitization schema fails to recognize the href and xlink:href attributes of SVG \u003cscript\u003e elements as a Resource URL context. This issue has been patched in versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.0.800 or later version",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2026-22610"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-66412 (GCVE-0-2025-66412)

Solutions

Solutions

Impact

Patches

Attack Preconditions

Workarounds

Tags

Sightings

Nomenclature