CVE-2026-25572
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-25572
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK server component does not enforce maximum length checks on certain variables before use. This could allow an attacker to send an oversized input that could trigger a stack overflow crashing the process and potentially causing denial of service.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
长度参数不一致性处理不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Siemens SICAM SIAPP SDK 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens SICAM SIAPP SDK是德国Siemens公司的一个软件开发工具包。 Siemens SICAM SIAPP SDK V2.1.7之前版本存在安全漏洞,该漏洞源于服务器组件在使用前未对某些变量执行最大长度检查,可能导致栈溢出,进而使进程崩溃并导致拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Siemens | SICAM SIAPP SDK | 0 ~ V2.1.7 | - |
II. Public POCs for CVE-2026-25572
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-25572
请登录查看更多情报信息。
Same Patch Batch · Siemens · 2026-03-10 · 9 CVEs total
| CVE-2025-40943 | 9.6 CRITICAL | Siemens多款产品 跨站脚本漏洞 |
| CVE-2026-25573 | 7.4 HIGH | Siemens SICAM SIAPP SDK 安全漏洞 |
| CVE-2026-25570 | 7.4 HIGH | Siemens SICAM SIAPP SDK 安全漏洞 |
| CVE-2026-25569 | 7.4 HIGH | Siemens SICAM SIAPP SDK 缓冲区错误漏洞 |
| CVE-2026-25605 | 6.7 MEDIUM | Siemens SICAM SIAPP SDK 安全漏洞 |
| CVE-2026-25571 | 5.1 MEDIUM | Siemens SICAM SIAPP SDK 安全漏洞 |
| CVE-2026-27661 | 4.3 MEDIUM | Siemens SINEC Security Monitor 安全漏洞 |
| CVE-2025-27769 | 2.6 LOW | Siemens Heliox Flex 180 kW EV Charging Station和Siemens Heliox Mobile DC 40 kW EV Charging |
IV. Related Vulnerabilities
Same weakness: CWE-130
- CVE-2026-5766
Potential denial-of-service vulnerability in ASGI requests v - CVE-2026-33846
Gnutls: gnutls: denial of service via heap buffer overflow i - CVE-2026-3868
Moxa EDR-8010 Series和Moxa EDR-G9010 Series 安全漏洞 - CVE-2026-5265
Ovn: ovn: heap over-read in icmp error response generation - - CVE-2026-5367
Ovn: ovn: information disclosure via crafted dhcpv6 packets
V. Comments for CVE-2026-25572
No comments yet