Denial-of-Service Vulnerability in CPCI85 and RTUM85 Products by Siemens
CVE-2026-27663

7.1HIGH

Key Information:

Vendor: Siemens
Status: Cpci85 Central Processing/communication; Rtum85 rtu Base
Vendor: CVE Published:; 26 March 2026

What is CVE-2026-27663?

A denial-of-service vulnerability has been identified in Siemens CPCI85 Central Processing/Communication and RTUM85 RTU Base products. This vulnerability arises when the affected applications are exposed to a remote operation mode and are subjected to a high volume of requests. Such an environment creates a condition of resource exhaustion, causing the applications to become unresponsive. If multiple requests are sent concurrently, they can deplete the available resources, necessitating a reset or reboot of the system to restore normal functionality. Users should exercise caution and implement mitigation strategies to safeguard their systems.

Affected Version(s)

CPCI85 Central Processing/Communication 0

RTUM85 RTU Base 0

References

https://cert-portal.siemens.com/productcert/html/ssa-2464...

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 26, 2026
Vulnerability Reserved
Feb 23, 2026

CVE-2026-27663 Data

JSON