Unauthorized Access Vulnerability in CPCI85 and SICORE Base System by Siemens
CVE-2026-54800

6.3MEDIUM

What is CVE-2026-54800?

A security vulnerability has been detected in the CPCI85 Central Processing/Communication and SICORE Base systems, allowing potential unauthorized access due to improper configuration. The affected versions are shipped without default security settings for OPC UA, which could enable attackers to bypass security measures and gain control over critical system functions, putting sensitive operations at risk. It is crucial for users to review and enhance their security configurations to safeguard their systems.

Affected Version(s)

CPCI85 Central Processing/Communication 0

SICORE Base system 0

References

CVSS V4

Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.