CVE-2026-25572

Summary

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK server component does not enforce maximum length checks on certain variables before use. This could allow an attacker to send an oversized input that could trigger a stack overflow crashing the process and potentially causing denial of service.

Affected Software

VendorProductVersion RangeStatus
SiemensSICAM SIAPP SDK0 < V2.1.7affected

Weaknesses

  • CWE-130: CWE-130: Improper Handling of Length Parameter Inconsistency

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References