July 15, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Fortinet Firewalls Under Attack by New LockBit-Connected Ransomware Group – Active IOCs
March 14, 2025Critical Apache NiFi Vulnerability Leaks MongoDB Authentication Details
March 14, 2025Fortinet Firewalls Under Attack by New LockBit-Connected Ransomware Group – Active IOCs
March 14, 2025Critical Apache NiFi Vulnerability Leaks MongoDB Authentication Details
March 14, 2025
Severity
High
Analysis Summary
CVE-2025-27494 CVSS:9.1
Siemens SiPass integrated ACC (Advanced Central Controller) devices could allow a remote authenticated attacker to execute arbitrary commands with root privileges, caused by improper input validation by the pubkey endpoint of the REST API.
CVE-2025-27493 CVSS:8.2
Siemens SiPass integrated ACC (Advanced Central Controller) devices could allow a local authenticated attacker to execute arbitrary commands with root privileges, caused by improper input validation by the telnet command line interface.
CVE-2025-27438 CVSS:7.8
Siemens Teamcenter Visualization and Tecnomatix Plant Simulation could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in parsing specially crafted WRL files.
CVE-2024-56336 CVSS:9.8
Siemens SINAMICS S200 could allow a remote attacker to bypass security restrictions, caused by containing an unlocked bootloader.
Impact
- Security Bypass
- Privilege Escalation
- Code Execution
Indicators of Compromise
CVE
CVE-2025-27494
CVE-2025-27493
CVE-2025-27438
CVE-2024-56336
Affected Vendors
Siemens
Affected Products
- Siemens SiPass integrated ACC-AP
- Siemens Teamcenter Visualization V14.3 0
- Siemens Teamcenter Visualization V2312 0
- Siemens SiPass integrated AC5102 (ACC-G2)
- Siemens Teamcenter Visualization V2406
- Siemens Teamcenter Visualization V2412
- Siemens SINAMICS S200
Remediation
Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.