Siemens Industrial Edge Devices
Act Now · 10 · ICS-CERT ICSA-26-015-08 · Jan 13, 2026
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
Siemens Industrial Edge Devices and related SIMATIC HMI systems contain an authorization bypass vulnerability (CWE-639) that allows an unauthenticated remote attacker to circumvent authentication mechanisms and impersonate legitimate users. The vulnerability affects a wide range of products including SIMATIC HMI MTP-series touchscreen panels, Industrial Edge Cloud/Own/Virtual Devices, SIMATIC IOT2050 gateways, SIMATIC IPC industrial edge devices, and SCALANCE LPE managed network switches. Siemens has released firmware updates for most affected products; however, SIMATIC Automation Workstation 19" and 24" have no fix available and require compensating controls.
What this means
What could happen
An unauthenticated attacker with network access to these devices could bypass login credentials and impersonate a legitimate operator or administrator, potentially gaining full control over HMI panels and industrial edge systems to alter process parameters or shut down operations.
Who's at risk
Manufacturing facilities and process automation environments using Siemens SIMATIC HMI touch panels (MTP series), Industrial Edge devices for edge computing and data collection, SIMATIC IOT2050 gateways, SIMATIC IPC industrial computers, and SCALANCE managed switches. Any facility with these devices exposed to network access is at risk.
How it could be exploited
An attacker sends a specially crafted network request to the authentication mechanism on the affected device, bypassing credential checks. Once authenticated as a legitimate user, the attacker can access the HMI interface or industrial edge platform to modify setpoints, disable alarms, or stop production processes.
Prerequisites
- Network access to the affected device on its management or operational port
- No valid credentials required to exploit the vulnerability
Remotely exploitable · No authentication required · Low complexity attack · Affects operator interface and control systems · No patch available for SIMATIC Automation Workstation 19" and 24"
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (65)
63 with fix, 2 pending

| Product | Affected Versions | Fix Status |
|---|---|---|
| SIMATIC HMI MTP700 Unified Comfort Panel hygienic neutral design | < 21 | 21 |
| SIMATIC HMI MTP700, Unified Comfort Panel neutral design | < 21 | 21 |
| SIMATIC IOT2050 | < 1.25.1 | 1.25.1 |
| SIMATIC IPC BX-39A Industrial Edge Device | < 3.1 | 3.1 |
| SIMATIC IPC BX-59A Industrial Edge Device | < 3.1 | 3.1 |
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to affected devices to trusted engineering workstations and control systems only, using firewall rules or network segmentation
Schedule (requires maintenance window)
Patching may require device reboot; plan for process interruption
Industrial Edge Cloud Device (IECD)
HOTFIX: Update Industrial Edge Own Device (IEOD), Industrial Edge Cloud Device (IECD), and Industrial Edge Virtual Device (IEVD) to version 1.24.2 or later
SIMATIC IOT2050
HOTFIX: Update SIMATIC IOT2050 to version 1.25.1 or later
SCALANCE LPE9413
HOTFIX: Update SCALANCE LPE9413 and LPE9433 switches to version 2.2 or later
All products
HOTFIX: Update SIMATIC HMI MTP700, MTP1000, MTP1200, MTP1500, MTP1900, and MTP2200 panels to version 21 or later
HOTFIX: Update SIMATIC IPC Industrial Edge Devices (BX-39A, BX-59A, IPC127E, IPC227E, IPC227G, IPC427E, IPC847E) to version 3.1 or later
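To turn the remediation list above into a patch worklist, an asset inventory can be triaged against the fixed versions. The following is an added example, not Siemens or ICS-CERT code; the product-name patterns, status strings, inventory rows and the assumption that versions are dotted integers are all made up for illustration.

```python
import re

# Fixed versions come from the remediation list above. The regexes, status
# strings and dotted-integer version format are assumptions of this example.
FIXED = [
    (r"Industrial Edge (Own|Cloud|Virtual) Device", (1, 24, 2)),
    (r"IOT2050", (1, 25, 1)),
    (r"SCALANCE LPE94[13]3", (2, 2)),
    (r"HMI MTP(700|1000|1200|1500|1900|2200)\b", (21,)),
    (r"IPC ?(BX-39A|BX-59A|127E|227E|227G|427E|847E)\b", (3, 1)),
]
NO_FIX = r"Automation Workstation"  # no fix available: compensating controls only


def parse_version(text):
    """'V3.0.9' -> (3, 0, 9); empty tuple when no digits are present."""
    return tuple(int(n) for n in re.findall(r"\d+", text))


def triage(product, version):
    """Return 'update', 'ok', 'no-fix', 'unknown-version' or 'not-listed'."""
    if re.search(NO_FIX, product, re.I):
        return "no-fix"
    for pattern, fixed in FIXED:
        if re.search(pattern, product, re.I):
            have = parse_version(version)
            if not have:
                return "unknown-version"
            # Pad to equal length so that 21 == 21.0 and 3.1 > 3.0.9.
            width = max(len(have), len(fixed))
            pad = lambda t: t + (0,) * (width - len(t))
            return "ok" if pad(have) >= pad(fixed) else "update"
    return "not-listed"


# Constructed inventory rows: (product name, installed version).
INVENTORY = [
    ("SIMATIC IOT2050", "1.24.9"),
    ("SIMATIC HMI MTP1500 Unified Comfort Panel", "V21.0"),
    ("SIMATIC IPC BX-39A Industrial Edge Device", "3.0.9"),
    ('SIMATIC Automation Workstation 19"', "1.0"),
]

if __name__ == "__main__":
    for product, version in INVENTORY:
        print(f"{triage(product, version):16} {product} {version}")
```

Rows reported as `no-fix` or `unknown-version` still need the network-restriction workaround, since no version comparison can clear them.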
CVEs (1)