{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25572", "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "state": "PUBLISHED", "assignerShortName": "siemens", "dateReserved": "2026-02-02T23:19:09.478Z", "datePublished": "2026-03-10T16:07:56.157Z", "dateUpdated": "2026-03-10T16:41:09.311Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens", "dateUpdated": "2026-03-10T16:07:56.157Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK server component does not enforce maximum length checks on certain variables before use. This could allow an attacker to send an oversized input that could trigger a stack overflow crashing the process and potentially causing denial of service."}], "affected": [{"vendor": "Siemens", "product": "SICAM SIAPP SDK", "versions": [{"status": "affected", "version": "0", "lessThan": "V2.1.7", "versionType": "custom"}], "defaultStatus": "unknown"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 5.1, "baseSeverity": "MEDIUM"}}, {"cvssV4_0": {"version": "4.0", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "baseScore": 5.9, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-130", "description": "CWE-130: Improper Handling of Length Parameter Inconsistency", "type": "CWE"}]}], "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-903736.html"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-25572", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-10T16:35:18.118478Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-10T16:41:09.311Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-25572", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-10T16:35:18.118478Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-10T16:37:58.445Z"}}], "cna": {"metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}}, {"cvssV4_0": {"version": "4.0", "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"}}], "affected": [{"vendor": "Siemens", "product": "SICAM SIAPP SDK", "versions": [{"status": "affected", "version": "0", "lessThan": "V2.1.7", "versionType": "custom"}], "defaultStatus": "unknown"}], "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-903736.html"}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK server component does not enforce maximum length checks on certain variables before use. This could allow an attacker to send an oversized input that could trigger a stack overflow crashing the process and potentially causing denial of service."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-130", "description": "CWE-130: Improper Handling of Length Parameter Inconsistency"}]}], "providerMetadata": {"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens", "dateUpdated": "2026-03-10T16:07:56.157Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25572", "state": "PUBLISHED", "dateUpdated": "2026-03-10T16:41:09.311Z", "dateReserved": "2026-02-02T23:19:09.478Z", "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "datePublished": "2026-03-10T16:07:56.157Z", "assignerShortName": "siemens"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:siemens:sicam_siapp_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "1C92AE80-D07C-484A-9F56-5A0B25F8D249", "versionEndExcluding": "2.17", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK server component does not enforce maximum length checks on certain variables before use. This could allow an attacker to send an oversized input that could trigger a stack overflow crashing the process and potentially causing denial of service."}, {"lang": "es", "value": "Una vulnerabilidad ha sido identificada en SICAM SIAPP SDK (Todas las versiones &lt; V2.1.7). El componente de servidor de SICAM SIAPP SDK no aplica comprobaciones de longitud m\u00e1xima en ciertas variables antes de su uso. Esto podr\u00eda permitir a un atacante enviar una entrada sobredimensionada que podr\u00eda desencadenar un desbordamiento de pila bloqueando el proceso y potencialmente causando denegaci\u00f3n de servicio."}], "id": "CVE-2026-25572", "lastModified": "2026-03-13T15:37:18.823", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 3.6, "source": "productcert@siemens.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "productcert@siemens.com", "type": "Secondary"}]}, "published": "2026-03-10T18:18:37.190", "references": [{"source": "productcert@siemens.com", "tags": ["Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/html/ssa-903736.html"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-130"}], "source": "productcert@siemens.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,V2.1.7)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "sicam_siapp_sdk", "vendor": "siemens"}], "analysis": {"en": {"generated_at": "2026-04-17T11:45:24.148578+00:00", "value": {"mitigation_remediation": ["Upgrade to Siemens SICAM SIAPP SDK version V2.1.7 or later to obtain the fixed stack overflow protection.", "If upgrading immediately is not feasible, implement custom input size checks on the server component to reject oversized payloads before processing.", "Monitor application logs for signs of unexpected crashes or stack overflows and apply any available vendor advisories promptly."], "summary": {"action": "Patch Now", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The affected product is Siemens SICAM SIAPP SDK, with all versions prior to V2.1.7 impacted. Administrators should verify if their deployments run a vulnerable version and plan an upgrade accordingly.", "description_and_impact": "The vulnerability arises from the lack of input length validation in the server component of Siemens SICAM SIAPP SDK. An attacker can send an oversized payload that triggers a stack overflow, potentially crashing the service. This flaw can lead to a denial of service by causing the application to terminate unexpectedly.", "risk_and_exploitability": "The CVSS base score of 5.9 indicates a moderate risk level, and the EPSS score of less than 1% suggests a very low likelihood of exploitation in the wild. The flaw is not listed in the CISA KEV catalog. The most likely attack vector is remote, as the server component communicates over the network, but this is inferred from the description rather than explicitly stated. Because the vulnerability only leads to service crashes, it represents a denial of service rather than code execution."}}}}, "created": "2026-03-11T11:49:54.673611+00:00", "title": "Unvalidated Length Input Causes Stack Overflow in Siemens SICAM SIAPP SDK", "updated": "2026-04-17T12:00:11.694929+00:00", "vendors": ["siemens", "siemens$PRODUCT$sicam_siapp_sdk"]}