CVE-2026-25787 — CRITICAL (9.1)

Vulnerability Description

Affected devices do not properly validate and sanitize Technology Object (TO) name rendered on the "Motion Control Diagnostics" page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the page. If a benign user with appropriate rights accesses the "Motion Control Diagnostics" parameters page, the malicious code would be executed in the scope of their web session.

CVSS Score

9.1

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Related Weaknesses (CWE)

CWE-79

References

https://cert-portal.siemens.com/productcert/html/ssa-688146.html

FAQ

What is CVE-2026-25787?

CVE-2026-25787 is a vulnerability with a CVSS score of 9.1 (CRITICAL). Affected devices do not properly validate and sanitize Technology Object (TO) name rendered on the "Motion Control Diagnostics" page of the web interface. This could allow an authenticated attacker wh...

How severe is CVE-2026-25787?

CVE-2026-25787 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2026-25787?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.