SIEMENS CERT
02/10/2026
Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1.5 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant). Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available.
SIEMENS CERT
02/10/2026
The embedded web server on affected devices contains a buffer overflow vulnerability. This could allow remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a malformed URL. Siemens has released new versions for the affected products and recommends to update to the latest …
SIEMENS CERT
02/10/2026
Polarion before V2506 contains a vulnerability that could allow authenticated remote attackers to conduct cross-site scripting attacks. Siemens has released new versions for the affected products and recommends to update to the latest versions.
SIEMENS CERT
02/10/2026
Solid Edge uses PS/IGES Parasolid Translator Component that contains an out of bounds read that could be triggered when the application reads files in IGS file formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash …
SIEMENS CERT
02/10/2026
SiPass integrated contains multiple vulnerabilities that could allow an unauthenticated remote attacker to exploit user accounts, manipulate data, impersonate users, or achieve arbitrary code execution on the SiPass integrated server. Siemens has released a new version for SiPass integrated and recommends to update to the latest version.
SIEMENS CERT
02/10/2026
COMOS is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code or cause denial of service condition, data infiltration or perform access control violations. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix …
CISA (ICS)
02/05/2026
Summary Successful exploitation of this vulnerability may allow an attacker to read device data or part of a control program from the affected product, write device data in the affected product, or cause a denial-of-service condition on the affected product. The following versions of Mitsubishi Electric MELSEC iQ-R Series are …
CISA (ICS)
02/05/2026
Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition and memory corruption. The following versions of o6 Automation GmbH Open62541 are affected: Open62541 >=1.5-rc1|<1.5-rc2 (CVE-2026-1301) CVSS Vendor Equipment Vulnerabilities v3 5.7 o6 Automation GmbH o6 Automation GmbH Open62541 Out-of-bounds Write Background Critical …