[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHqJXTU05RQhrLpm3Oh0Rda5VfbBmWPmYldRLdizANCg":3},{"article":4,"iocs":54},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":32,"category":33,"article_tags":36},"fc57ee59-52ad-488b-9604-6956fbb2e690","Siemens Products using OpenSSL","siemens-products-using-openssl-03c74c","View CSAF Summary OpenSSL has published a stack based buffer overflow vulnerability that allows a remote attacker to cause a denial of service (DoS) or potentially allow for remote code execution. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. The following versions of Siemens Products using OpenSSL are affected: AI Lightweight Inference Server vers:all\u002F* (CVE-2025-15467) Connector for Azure vers:intdot\u002F =4.0.700 (CVE-2025-15467) Siemens OPC UA Modelling Editor (SiOME) vers:all\u002F* (CVE-2025-15467) SIMATIC Comfort\u002FMobile RT vers:all\u002F* (CVE-2025-15467) SIMATIC eaSie Core Package (6DL5424-0AX00-0AV8) vers:all\u002F* (CVE-2025-15467) SIMATIC eaSie PCS 7 Skill Package (6DL5424-0BX00-0AV8) vers:all\u002F* (CVE-2025-15467) SIMATIC HMI Basic Panels vers:intdot\u002F =6.3 (CVE-2025-15467) SINAMICS G220 vers:intdot\u002F>=6.3 (CVE-2025-15467) SINAMICS S200 vers:intdot\u002F>=6.3 (CVE-2025-15467) SINAMICS S210 vers:intdot\u002F>=6.3 (CVE-2025-15467) SINAMICS S220 vers:intdot\u002F>=6.3 (CVE-2025-15467) SINEC INS vers:intdot\u002F\u003C1.0.2.5 (CVE-2025-15467) SINEC NMS vers:all\u002F* (CVE-2025-15467) SINEC Security Monitor vers:all\u002F* (CVE-2025-15467) SINUMERIK Access MyMachine \u002FOPC UA vers:all\u002F* (CVE-2025-15467) SIPLANT vers:all\u002F* (CVE-2025-15467) SITRANS ASM IQ vers:all\u002F* (CVE-2025-15467) SITRANS Soft Sensor Engine IQ (SITRANS SSE IQ) vers:all\u002F* (CVE-2025-15467) User Management Component (UMC) vers:intdot\u002F\u003C2.15.3.0 (CVE-2025-15467) Visual Inspection Cockpit vers:all\u002F* (CVE-2025-15467) CVSS Vendor Equipment Vulnerabilities v3 9.8 Siemens Siemens Products using OpenSSL Out-of-bounds Write Background Critical Infrastructure Sectors: Critical Manufacturing, Transportation Systems, Energy, Healthcare and Public Health, Financial Services, Government Services and Facilities Countries\u002FAreas Deployed: Worldwide Company Headquarters Location: Germany Vulnerabilities Expand All + CVE-2025-15467 Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs. Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S\u002FMIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue. View CVE Details Affected Products Siemens Products using OpenSSL Vendor: Siemens Product Version: AI Lightweight Inference Server, Connector for Azure, Databus, HiMed Cockpit, RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2), SCALANCE LPE9403 (6GK5998-3GS00-2AC2), SCALANCE LPE9413 (6GK5998-3GS01-2AC2), SCALANCE LPE9433 (6GK5998-3GS11-2AC2), SCALANCE M804PB (6GK5804-0AP00-2AA2), SCALANCE M812-1 ADSL-Router family, SCALANCE M816-1 ADSL-Router family, SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2), SCALANCE M874-2 (6GK5874-2AA00-2AA2), SCALANCE M874-3 (6GK5874-3AA00-2AA2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2), SCALANCE M876-3 (6GK5876-3AA02-2BA2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2), SCALANCE M876-4 (6GK5876-4AA10-2BA2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2), SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1), SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2), SCALANCE SC622-2C (6GK5622-2GS00-2AC2), SCALANCE SC626-2C (6GK5626-2GS00-2AC2), SCALANCE SC632-2C (6GK5632-2GS00-2AC2), SCALANCE SC636-2C (6GK5636-2GS00-2AC2), SCALANCE SC642-2C (6GK5642-2GS00-2AC2), SCALANCE SC646-2C (6GK5646-2GS00-2AC2), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0), SCALANCE XC316-8 (6GK5324-8TS00-2AC2), SCALANCE XC324-4 (6GK5328-4TS00-2AC2), SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2), SCALANCE XC332 (6GK5332-0GA00-2AC2), SCALANCE XC416-8 (6GK5424-8TR00-2AC2), SCALANCE XC424-4 (6GK5428-4TR00-2AC2), SCALANCE XC432 (6GK5432-0GR00-2AC2), SCALANCE XR302-32 (6GK5334-5TS00-2AR3), SCALANCE XR302-32 (6GK5334-5TS00-3AR3), SCALANCE XR302-32 (6GK5334-5TS00-4AR3), SCALANCE XR322-12 (6GK5334-3TS00-2AR3), SCALANCE XR322-12 (6GK5334-3TS00-3AR3), SCALANCE XR322-12 (6GK5334-3TS00-4AR3), SCALANCE XR326-8 (6GK5334-2TS00-2AR3), SCALANCE XR326-8 (6GK5334-2TS00-3AR3), SCALANCE XR326-8 (6GK5334-2TS00-4AR3), SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3), SCALANCE XR502-32 (6GK5534-5TR00-2AR3), SCALANCE XR502-32 (6GK5534-5TR00-3AR3), SCALANCE XR502-32 (6GK5534-5TR00-4AR3), SCALANCE XR522-12 (6GK5534-3TR00-2AR3), SCALANCE XR522-12 (6GK5534-3TR00-3AR3), SCALANCE XR522-12 (6GK5534-3TR00-4AR3), SCALANCE XR524-8WG (6GK5532-2SR00-2AR3), SCALANCE XR524-8WG (6GK5532-2SR00-2RR3), SCALANCE XR524-8WG (6GK5532-2SR00-3AR3), SCALANCE XR524-8WG (6GK5532-2SR00-3RR3), SCALANCE XR526-8 (6GK5534-2TR00-2AR3), SCALANCE XR526-8 (6GK5534-2TR00-3AR3), SCALANCE XR526-8 (6GK5534-2TR00-4AR3), Shopfloor IT Suite, SIDIS Prime, Siemens OPC UA Modelling Editor (SiOME), SIMATIC Comfort\u002FMobile RT, SIMATIC eaSie Core Package (6DL5424-0AX00-0AV8), SIMATIC eaSie PCS 7 Skill Package (6DL5424-0BX00-0AV8), SIMATIC HMI Basic Panels, SIMATIC HMI Comfort Panels, SIMATIC HMI Mobile Panels, SIMATIC IOT2050 (6ES7647-0BA00-1YA2), SIMATIC IPC BX-21A, SIMATIC IPC MD-57A, SIMATIC IPC ORCLA, SIMATIC PDM V9.3, SIMATIC RTLS Locating Manager (6GT2780-0DA00), SIMATIC RTLS Locating Manager (6GT2780-0DA10), SIMATIC RTLS Locating Manager (6GT2780-0DA20), SIMATIC RTLS Locating Manager (6GT2780-0DA30), SIMATIC RTLS Locating Manager (6GT2780-1EA10), SIMATIC RTLS Locating Manager (6GT2780-1EA20), SIMATIC RTLS Locating Manager (6GT2780-1EA30), SIMATIC STEP 7 V5, SIMATIC Target, SIMATIC WinCC OA V3.19, SIMATIC WinCC OA V3.20, SIMATIC WinCC OA V3.21, SIMATIC WinCC Runtime Advanced V17, SIMATIC WinCC Unified Sequence, SIMATIC WinCC V7.5, SIMATIC WinCC V8.0, SIMATIC WinCC V8.1, SIMOTION OACAMGEN (6AU1820-3EA20-0AB0), SIMOVE Fleetmanager V3.1, SIMOVE Fleetmanager V3.2, SIMOVE Fleetmanager V3.3, SINAMICS G200, SINAMICS G220, SINAMICS S200, SINAMICS S210, SINAMICS S220, SINEC INS, SINEC NMS, SINEC Security Monitor, SINUMERIK Access MyMachine \u002FOPC UA, SIPLANT, SITRANS ASM IQ, SITRANS Soft Sensor Engine IQ (SITRANS SSE IQ), User Management Component (UMC), Visual Inspection Cockpit Product Status: known_affected Remediations Mitigation As a defense-in-depth measure, organizations may review whether affected systems are exposed to untrusted CMS\u002FPKCS#7 content from external sources. Mitigation Do not accept files from untrusted and unvalidated sources in the affected applications Mitigation Restrict the port at the host with the DeviceConnectionProxy to secure destinations Mitigation Securing the connected email server as follows: • Configure the email server to enforce encrypted communication (TLS\u002FSSL) for all SMTP connections. • Restrict access to the email server to trusted systems only (e.g., by using firewall rules or IP allowlists). • Ensure strong authentication to access the email server. • Keep the email server software and underlying operating system up to date with the latest security patches. Mitigation Securing the connected email server as follows: • Configure the email server to enforce encrypted communication (TLS\u002FSSL) for all SMTP connections. • Restrict access to the email server to trusted systems only (e.g., by using firewall rules or IP allowlists). • Ensure strong authentication to access the email server. • Keep the email server software and underlying operating system up to date with the latest security patches. Mitigation The hardening instructions mentioned in the products security concept should be followed No fix planned Currently no fix is planned None available Currently no fix is available Vendor fix Update to V1.0 SP2 Update 5 or later version https:\u002F\u002Fsupport.industry.siemens.com\u002Fcs\u002Fww\u002Fen\u002Fview\u002F109999722\u002F Vendor fix Update to V1.8.0 or later version https:\u002F\u002Fdocs.eu1.edge.siemens.cloud\u002Frelease_notes\u002Fscope_of_delivery\u002Fscope_of_delivery.html Vendor fix Update to V17 Update 9 or later version https:\u002F\u002Fsupport.industry.siemens.com\u002Fcs\u002Fww\u002Fen\u002Fview\u002F109800912\u002F Vendor fix Update to V17.9 or later version https:\u002F\u002Fsupport.industry.siemens.com\u002Fcs\u002Fww\u002Fen\u002Fview\u002F109825750\u002F Vendor fix Update to V17 Update 9 or later version https:\u002F\u002Fsupport.industry.siemens.com\u002Fcs\u002Fww\u002Fen\u002Fview\u002F109825750\u002F Vendor fix Update to V2.15.3.0 or later version https:\u002F\u002Fsupport.industry.siemens.com\u002Fcs\u002Fww\u002Fen\u002Fview\u002F110000730\u002F Vendor fix Update to V21 or later version https:\u002F\u002Fsupport.industry.siemens.com\u002Fcs\u002Fww\u002Fen\u002Fview\u002F109996963\u002F Vendor fix Update to V3.19 P024 or later version https:\u002F\u002Fsupport.industry.siemens.com\u002Fcs\u002Fww\u002Fen\u002Fview\u002F110000400\u002F Vendor fix Update to V3.20 P012 or later version https:\u002F\u002Fsupport.industry.siemens.com\u002Fcs\u002Fww\u002Fen\u002Fview\u002F110000657\u002F Vendor fix Update to V3.21 P02 or later version https:\u002F\u002Fsupport.industry.siemens.com\u002Fcs\u002Fww\u002Fen\u002Fview\u002F110000985\u002F Vendor fix Update to V3.3.2 or later version https:\u002F\u002Fdocs.eu1.edge.siemens.cloud\u002Frelease_notes\u002Fscope_of_delivery\u002Fscope_of_delivery.html Vendor fix Update to V5.7 SP4 or later version https:\u002F\u002Fsupport.industry.siemens.com\u002Fcs\u002Fww\u002Fen\u002Fview\u002F109991080\u002F Vendor fix Contact customer support siplant-support.de@siemens.com Vendor fix Contact customer support Relevant CWE: CWE-787 Out-of-bounds Write Metrics CVSS Version Base Score Base Severity Vector String 3.1 9.8 CRITICAL CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H Acknowledgments Siemens ProductCERT reported this vulnerability to CISA. General Recommendations As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https:\u002F\u002Fwww.siemens.com\u002Fcert\u002Foperational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https:\u002F\u002Fwww.siemens.com\u002Findustrialsecurity Additional Resources For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https:\u002F\u002Fwww.siemens.com\u002Fcert\u002Fadvisories Terms of Use The use of Siemens Security Advisories is subject to the terms and conditions listed on: https:\u002F\u002Fwww.siemens.com\u002Fproductcert\u002Fterms-of-use. Legal Notice and Terms of Use This product is provided subject to this Notification (https:\u002F\u002Fwww.cisa.gov\u002Fnotification) and this Privacy & Use policy (https:\u002F\u002Fwww.cisa.gov\u002Fprivacy-policy). Recommended Practices CISA recommends users take defensive measures to minimize the exploitation risk of these vulnerabilities. Minimize network exposure for all control system devices and\u002For systems, and ensure they are not accessible from the internet. Locate control system networks and remote devices behind firewalls and isolate them from business networks. When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies. CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents. Advisory Conversion Disclaimer This ICSA is a verbatim republication of Siemens ProductCERT SSA-434797 from a direct conversion of the vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory. Revision History Initial Release Date: 2026-06-09 Date Revision Summary 2026-06-09 1 Publication Date 2026-06-23 2 Initial CISA Republication of Siemens ProductCERT SSA-434797 advisory Legal Notice and Terms of Use","Siemens has released advisories for a critical stack-based buffer overflow vulnerability (CVE-2025-15467) in OpenSSL, affecting numerous industrial products. This vulnerability can lead to denial of service or potentially remote code execution. Siemens is providing updated versions for affected products and recommending specific countermeasures for those without immediate fixes.","Siemens products affected by OpenSSL stack buffer overflow vulnerability CVE-2025-15467","ICS Advisory Siemens Products using OpenSSL Release DateJune 23, 2026 Alert CodeICSA-26-174-03 Related topics: Industrial Control System Vulnerabilities , Industrial Control Systems View CSAF Summary OpenSSL has published a stack based buffer overflow vulnerability that allows a remote attacker to cause a denial of service (DoS) or potentially allow for remote code execution. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. The following versions of Siemens Products using OpenSSL are affected: AI Lightweight Inference Server vers:all\u002F* (CVE-2025-15467) Connector for Azure vers:intdot\u002F\u003C1.8.0 (CVE-2025-15467) Databus vers:intdot\u002F\u003C3.3.2 (CVE-2025-15467) HiMed Cockpit vers:all\u002F* (CVE-2025-15467) RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) vers:all\u002F* (CVE-2025-15467) RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) vers:all\u002F* (CVE-2025-15467) SCALANCE LPE9403 (6GK5998-3GS00-2AC2) vers:all\u002F* (CVE-2025-15467) SCALANCE LPE9413 (6GK5998-3GS01-2AC2) vers:all\u002F* (CVE-2025-15467) SCALANCE LPE9433 (6GK5998-3GS11-2AC2) vers:all\u002F* (CVE-2025-15467) SCALANCE M804PB (6GK5804-0AP00-2AA2) vers:all\u002F* (CVE-2025-15467) SCALANCE M812-1 ADSL-Router family vers:all\u002F* (CVE-2025-15467) SCALANCE M816-1 ADSL-Router family vers:all\u002F* (CVE-2025-15467) SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) vers:all\u002F* (CVE-2025-15467) SCALANCE M874-2 (6GK5874-2AA00-2AA2) vers:all\u002F* (CVE-2025-15467) SCALANCE M874-3 (6GK5874-3AA00-2AA2) vers:all\u002F* (CVE-2025-15467) SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) vers:all\u002F* (CVE-2025-15467) SCALANCE M876-3 (6GK5876-3AA02-2BA2) vers:all\u002F* (CVE-2025-15467) SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) vers:all\u002F* (CVE-2025-15467) SCALANCE M876-4 (6GK5876-4AA10-2BA2) vers:all\u002F* (CVE-2025-15467) SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) vers:all\u002F* (CVE-2025-15467) SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) vers:all\u002F* (CVE-2025-15467) SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1) vers:all\u002F* (CVE-2025-15467) SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1) vers:all\u002F* (CVE-2025-15467) SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) vers:all\u002F* (CVE-2025-15467) SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) vers:all\u002F* (CVE-2025-15467) SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) vers:all\u002F* (CVE-2025-15467) SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) vers:all\u002F* (CVE-2025-15467) SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) vers:all\u002F* (CVE-2025-15467) SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) vers:all\u002F* (CVE-2025-15467) SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) vers:all\u002F* (CVE-2025-15467) SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) vers:all\u002F* (CVE-2025-15467) SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) vers:all\u002F* (CVE-2025-15467) SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) vers:all\u002F* (CVE-2025-15467) SCALANCE SC622-2C (6GK5622-2GS00-2AC2) vers:all\u002F* (CVE-2025-15467) SCALANCE SC626-2C (6GK5626-2GS00-2AC2) vers:all\u002F* (CVE-2025-15467) SCALANCE SC632-2C (6GK5632-2GS00-2AC2) vers:all\u002F* (CVE-2025-15467) SCALANCE SC636-2C (6GK5636-2GS00-2AC2) vers:all\u002F* (CVE-2025-15467) SCALANCE SC642-2C (6GK5642-2GS00-2AC2) vers:all\u002F* (CVE-2025-15467) SCALANCE SC646-2C (6GK5646-2GS00-2AC2) vers:all\u002F* (CVE-2025-15467) SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) vers:all\u002F* (CVE-2025-15467) SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) vers:all\u002F* (CVE-2025-15467) SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) vers:all\u002F* (CVE-2025-15467) SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) vers:all\u002F* (CVE-2025-15467) SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) vers:all\u002F* (CVE-2025-15467) SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) vers:all\u002F* (CVE-2025-15467) SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) vers:all\u002F* (CVE-2025-15467) SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) vers:all\u002F* (CVE-2025-15467) SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) vers:all\u002F* (CVE-2025-15467) SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) vers:all\u002F* (CVE-2025-15467) SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) vers:all\u002F* (CVE-2025-15467) SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) vers:all\u002F* (CVE-2025-15467) SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) vers:all\u002F* (CVE-2025-15467) SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) vers:all\u002F* (CVE-2025-15467) SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) vers:all\u002F* (CVE-2025-15467) SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) vers:all\u002F* (CVE-2025-15467) SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) vers:all\u002F* (CVE-2025-15467) SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) vers:all\u002F* (CVE-2025-15467) SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) vers:all\u002F* (CVE-2025-15467) SCALANCE XC316-8 (6GK5324-8TS00-2AC2) vers:all\u002F* (CVE-2025-15467) SCALANCE XC324-4 (6GK5328-4TS00-2AC2) vers:all\u002F* (CVE-2025-15467) SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) vers:all\u002F* (CVE-2025-15467) SCALANCE XC332 (6GK5332-0GA00-2AC2) vers:all\u002F* (CVE-2025-15467) SCALANCE XC416-8 (6GK5424-8TR00-2AC2) vers:all\u002F* (CVE-2025-15467) SCALANCE XC424-4 (6GK5428-4TR00-2AC2) vers:all\u002F* (CVE-2025-15467) SCALANCE XC432 (6GK5432-0GR00-2AC2) vers:all\u002F* (CVE-2025-15467) SCALANCE XR302-32 (6GK5334-5TS00-2AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR302-32 (6GK5334-5TS00-3AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR302-32 (6GK5334-5TS00-4AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR322-12 (6GK5334-3TS00-2AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR322-12 (6GK5334-3TS00-3AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR322-12 (6GK5334-3TS00-4AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR326-8 (6GK5334-2TS00-2AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR326-8 (6GK5334-2TS00-3AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR326-8 (6GK5334-2TS00-4AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR502-32 (6GK5534-5TR00-2AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR502-32 (6GK5534-5TR00-3AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR502-32 (6GK5534-5TR00-4AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR522-12 (6GK5534-3TR00-2AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR522-12 (6GK5534-3TR00-3AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR522-12 (6GK5534-3TR00-4AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR524-8WG (6GK5532-2SR00-2AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR524-8WG (6GK5532-2SR00-2RR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR524-8WG (6GK5532-2SR00-3AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR524-8WG (6GK5532-2SR00-3RR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR526-8 (6GK5534-2TR00-2AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR526-8 (6GK5534-2TR00-3AR3) vers:all\u002F* (CVE-2025-15467) SCALANCE XR526-8 (6GK5534-2TR00-4AR3) vers:all\u002F* (CVE-2025-15467) Shopfloor IT Suite vers:all\u002F* (CVE-2025-15467) SIDIS Prime vers:intdot\u002F>=4.0.700 (CVE-2025-15467) Siemens OPC UA Modelling Editor (SiOME) vers:all\u002F* (CVE-2025-15467) SIMATIC Comfort\u002FMobile RT vers:all\u002F* (CVE-2025-15467) SIMATIC eaSie Core Package (6DL5424-0AX00-0AV8) vers:all\u002F* (CVE-2025-15467) SIMATIC eaSie PCS 7 Skill Package (6DL5424-0BX00-0AV8) vers:all\u002F* (CVE-2025-15467) SIMATIC HMI Basic Panels vers:intdot\u002F\u003C17.0.9 (CVE-2025-15467) SIMATIC HMI Comfort Panels vers:intdot\u002F\u003C17.0.9 (CVE-2025-15467) SIMATIC HMI Mobile Panels vers:intdot\u002F\u003C17.0.9 (CVE-2025-15467) SIMATIC IOT2050 (6ES7647-0BA00-1YA2) vers:all\u002F* (CVE-2025-15467) SIMATIC IPC BX-21A vers:all\u002F* (CVE-2025-15467) SIMATIC IPC MD-57A vers:all\u002F* (CVE-2025-15467) SIMATIC IPC ORCLA vers:all\u002F* (CVE-2025-15467) SIMATIC PDM V9.3 vers:all\u002F* (CVE-2025-15467) SIMATIC RTLS Locating Manager (6GT2780-0DA00) vers:all\u002F* (CVE-2025-15467) SIMATIC RTLS Locating Manager (6GT2780-0DA10) vers:all\u002F* (CVE-2025-15467) SIMATIC RTLS Locating Manager (6GT2780-0DA20) vers:all\u002F* (CVE-2025-15467) SIMATIC RTLS Locating Manager (6GT2780-0DA30) vers:all\u002F* (CVE-2025-15467) SIMATIC RTLS Locating Manager (6GT2780-1EA10) vers:all\u002F* (CVE-2025-15467) SIMATIC RTLS Locating Manager (6GT2780-1EA20) vers:all\u002F* (CVE-2025-15467) SIMATIC RTLS Locating Manager (6GT27","https:\u002F\u002Fwww.cisa.gov\u002Fnews-events\u002Fics-advisories\u002Ficsa-26-174-03",null,"2026-06-23T12:00:00+00:00","2026-06-23T18:00:19.538158+00:00",9,[18,21,24,26,28,30],{"name":19,"type":20},"Siemens","vendor",{"name":22,"type":23},"OpenSSL","product",{"name":25,"type":23},"AI Lightweight Inference Server",{"name":27,"type":23},"Connector for Azure",{"name":29,"type":23},"Siemens OPC UA Modelling Editor (SiOME)",{"name":31,"type":23},"SIMATIC Comfort\u002FMobile RT","80544778-fabb-4dcd-aa35-17492e5dcf4f",{"id":32,"icon":13,"name":34,"slug":35},"Vulnerabilities","vulnerabilities",[37,42,44,49],{"category":38},{"id":39,"icon":13,"name":40,"slug":41},"26b0b636-0e31-4db1-bffb-61bdf9f20a58","Supply Chain","supply-chain",{"category":43},{"id":32,"icon":13,"name":34,"slug":35},{"category":45},{"id":46,"icon":13,"name":47,"slug":48},"d6f63bb8-0801-486a-be7f-171400700454","IoT\u002FOT","iot-ot",{"category":50},{"id":51,"icon":13,"name":52,"slug":53},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[55],{"type":56,"value":57,"context":58},"cve","CVE-2025-15467","Stack-based buffer overflow vulnerability in OpenSSL affecting Siemens products."]