A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base system (All versions < V26.20.0). The affected application contains a vulnerability in its firmware update mechanism's signature validation process. This could allow an attacker to install malicious firmware, leading to persistent code execution and system compromise.
Metrics
Affected Vendors & Products
References
History
Thu, 09 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Siemens
Siemens cpci85 Central Processing\/communication Siemens sicore Base System |
|
| Vendors & Products |
Siemens
Siemens cpci85 Central Processing\/communication Siemens sicore Base System |
Thu, 09 Jul 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 09 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base system (All versions < V26.20.0). The affected application contains a vulnerability in its firmware update mechanism's signature validation process. This could allow an attacker to install malicious firmware, leading to persistent code execution and system compromise. | |
| Weaknesses | CWE-489 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: siemens
Published:
Updated: 2026-07-09T14:46:38.615Z
Reserved: 2026-06-16T07:47:12.273Z
Link: CVE-2026-54799
Updated: 2026-07-09T14:46:35.722Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-09T15:30:05Z