Analysis Summary

CVE-2025-27494 CVSS:9.1

Siemens SiPass integrated ACC (Advanced Central Controller) devices could allow a remote authenticated attacker to execute arbitrary commands with root privileges, caused by improper input validation by the pubkey endpoint of the REST API.

CVE-2025-27493 CVSS:8.2

Siemens SiPass integrated ACC (Advanced Central Controller) devices could allow a local authenticated attacker to execute arbitrary commands with root privileges, caused by improper input validation by the telnet command line interface.

CVE-2025-27438 CVSS:7.8

Siemens Teamcenter Visualization and Tecnomatix Plant Simulation could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in parsing specially crafted WRL files.

CVE-2024-56336 CVSS:9.8

Siemens SINAMICS S200 could allow a remote attacker to bypass security restrictions, caused by containing an unlocked bootloader.

Impact

• Security Bypass
• Privilege Escalation
• Code Execution

Indicators of Compromise

CVE

• CVE-2025-27494

• CVE-2025-27493

• CVE-2025-27438

• CVE-2024-56336

Affected Vendors

Affected Products

• Siemens SiPass integrated ACC-AP
• Siemens Teamcenter Visualization V14.3 0
• Siemens Teamcenter Visualization V2312 0
• Siemens SiPass integrated AC5102 (ACC-G2)
• Siemens Teamcenter Visualization V2406
• Siemens Teamcenter Visualization V2412
• Siemens SINAMICS S200

Remediation

Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.

CVE-2025-27494

CVE-2025-27493

CVE-2025-27438

CVE-2024-56336