Siemens Industrial Edge Devices

Plan Patch | CVSS 10 | ICS-CERT ICSA-26-015-08 | Jan 13, 2026
Siemens | Manufacturing
Attack path
  • Attack Vector: Network
  • Auth Required: None
  • Complexity: Low
  • User Interaction: None needed
Summary

Siemens Industrial Edge Devices contain an authorization bypass vulnerability (CWE-639, Authorization Bypass Through User-Controlled Key) that lets an unauthenticated remote attacker circumvent authentication and impersonate a legitimate user. Affected products are the Industrial Edge Device Kit (versions 1.5–1.23, 1.24.0–1.24.1 and 1.25.0), multiple SIMATIC HMI panels (MTP700, MTP1000, MTP1200, MTP1500, MTP1900 and MTP2200 series), SIMATIC IOT2050, industrial edge appliances (IPC BX-39A, BX-59A, IPC127E, IPC227E, IPC227G, IPC427E, IPC847E), Industrial Edge Cloud, Own and Virtual Devices (versions prior to 1.24.2), SCALANCE network processors (LPE9413, LPE9433) and SIMATIC Automation Workstations. Fixes ship in Industrial Edge versions 1.24.2 and 1.25.1, HMI firmware version 21, SCALANCE LPE9413/LPE9433 version 2.2 and IPC edge device version 3.1. Note that Industrial Edge Device Kit 1.25.0 is affected even though it is newer than the fixed 1.24.2: the fixed release depends on which branch a device is on, so a device must be compared against the fix for its own branch rather than against the lowest fixed version. Industrial Edge Device Kit versions 1.5–1.23 and the Automation Workstations have no fix planned.

What this means
What could happen
An attacker without credentials could log in to affected devices and gain full control, potentially altering process settings, stopping production, or manipulating data on industrial equipment and human-machine interfaces that operators rely on for process visibility and control.
Who's at risk
Manufacturing facilities and utilities that deploy Siemens Industrial Edge Devices for edge computing and data processing, SIMATIC HMI panels (MTP series) used for operator control and monitoring, SIMATIC IOT2050 edge gateways, industrial PCs (IPC series) running edge software, SCALANCE network processors used in plant networks, and SIMATIC Automation Workstations used for engineering and commissioning. Organizations running Industrial Edge Device Kit versions 1.5–1.23 or Automation Workstations face heightened risk because no fix is available for them; network restriction is the only control on offer.
How it could be exploited
An attacker on the network reaches the affected device on its management or network interface, bypasses the authentication mechanism without valid credentials, and gains access to the device's administrative or user functions. From there, the attacker can impersonate operators or engineers, alter settings, execute commands, or modify process data depending on the device's role.
Prerequisites
  • Network connectivity to the affected device's management or service port
  • No valid credentials required
Tags: remotely exploitable | no authentication required | low complexity | no patch available for versions 1.5–1.23 and Automation Workstations | affects industrial control and operator interfaces
Exploitability
Unlikely to be exploited — EPSS score 0.1%. EPSS estimates the probability that exploitation activity is observed in the wild within the next 30 days; a low score does not reduce the impact of an unauthenticated bypass on a device reachable from the plant network, so apply the network-restriction step regardless and treat the score as a prioritization input, not a reason to defer.
Affected products (107): 67 with fix, 40 pending

Product                                   | Affected Versions | Fix Status
Industrial Edge Device Kit - arm64 V1.10  | All versions      | No fix yet
Industrial Edge Device Kit - arm64 V1.11  | All versions      | No fix yet
Industrial Edge Device Kit - arm64 V1.12  | All versions      | No fix yet
Industrial Edge Device Kit - arm64 V1.13  | All versions      | No fix yet
Industrial Edge Device Kit - arm64 V1.14  | All versions      | No fix yet
Remediation & Mitigation
Do now
HARDENING: Restrict network access to affected products to trusted engineering workstations and authorized administrative systems only; use firewalls or network segmentation to block untrusted inbound connections
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

SIMATIC IOT2050
HOTFIX: Update SIMATIC IOT2050 to version 1.25.1 or later
Industrial Edge Cloud Device (IECD)
HOTFIX: Update Industrial Edge Cloud Device (IECD), Industrial Edge Own Device (IEOD), and Industrial Edge Virtual Device (IEVD) to version 1.24.2 or later
SCALANCE LPE9413
HOTFIX: Update SCALANCE LPE9413 and LPE9433 network processors to version 2.2 or later
All products
HOTFIX: Update Industrial Edge Device Kit (both arm64 and x86-64 architectures) to version 1.24.2 or 1.25.1 or later, whichever matches the branch the device is on (1.24.x or 1.25.x)
HOTFIX: Update SIMATIC HMI MTP700, MTP1000, MTP1200, MTP1500, MTP1900, MTP2200 Unified Comfort and Comfort Pro panels to firmware version 21 or later
HOTFIX: Update SIPLUS HMI MTP700, MTP1000, MTP1200 Unified Comfort panels to version 21 or later
HOTFIX: Update SIMATIC IPC BX-39A, BX-59A, IPC127E, IPC227E, IPC227G, IPC427E, IPC847E Industrial Edge Devices to version 3.1 or later
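A branch-aware fix check for an asset inventory, added here as a worked example; it is not Siemens' code or the advisory publisher's tooling. It encodes the fixed releases named in the remediation list above, including the caveat that Industrial Edge Device Kit 1.25.0 is affected even though it is newer than the fixed 1.24.2, which a plain "greater than or equal to the lowest fixed version" comparison gets wrong. The product-family keys, the `Rule` class, the status names and the inventory at the bottom are constructed for the example and are not identifiers from the advisory.

```python
"""Branch-aware fix-status triage for the Siemens advisory above.

Added example, not Siemens' or the advisory publisher's code. Fixed
releases are those named in the remediation list; product-family keys
and the inventory are constructed for the example.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    """One release branch: a version whose tuple starts with `branch`
    is fixed at `fixed` or later; `fixed=None` means no fix exists."""
    branch: tuple[int, ...]
    fixed: Optional[tuple[int, ...]]


# Product-family keys are assumptions for this example. Rules are tried
# in order and the first branch prefix that matches decides the status.
RULES: dict[str, list[Rule]] = {
    # Industrial Edge Device Kit (arm64 and x86-64): 1.5-1.23 have no fix,
    # 1.24.x is fixed in 1.24.2 and 1.25.x is fixed in 1.25.1.
    "IEDK": [Rule((1, minor), None) for minor in range(5, 24)]
            + [Rule((1, 24), (1, 24, 2)), Rule((1, 25), (1, 25, 1))],
    # IECD / IEOD / IEVD: affected prior to 1.24.2.
    "IE Cloud/Own/Virtual Device": [Rule((1,), (1, 24, 2))],
    "SIMATIC IOT2050": [Rule((), (1, 25, 1))],
    "SCALANCE LPE9413/LPE9433": [Rule((), (2, 2))],
    "SIMATIC IPC edge device": [Rule((), (3, 1))],
    "SIMATIC/SIPLUS HMI MTP": [Rule((), (21,))],
    "SIMATIC Automation Workstation": [Rule((), None)],
}


def parse_version(text: str) -> tuple[int, ...]:
    """Turn 'V1.24.2', '1.24' or '21' into a tuple that compares numerically."""
    return tuple(int(part) for part in text.strip().lstrip("Vv").split("."))


def fix_status(product: str, version: str) -> str:
    """Classify one device as fixed, update_available, no_fix or not_covered."""
    v = parse_version(version)
    for rule in RULES[product]:
        if v[: len(rule.branch)] != rule.branch:
            continue
        if rule.fixed is None:
            return "no_fix"              # affected; only network restriction helps
        return "fixed" if v >= rule.fixed else "update_available"
    return "not_covered"                 # branch not listed in the advisory


def naive_is_fixed(version: str) -> bool:
    """The tempting shortcut: fixed if at or above the lowest fixed release.
    Wrong for this advisory: 1.25.0 is newer than 1.24.2 but still affected."""
    return parse_version(version) >= (1, 24, 2)


# Constructed inventory for the example, not real hosts.
SAMPLE_INVENTORY = [
    ("edge-01", "IEDK", "V1.25.0"),
    ("edge-02", "IEDK", "V1.24.2"),
    ("edge-03", "IEDK", "V1.12.1"),
    ("hmi-07", "SIMATIC/SIPLUS HMI MTP", "V20"),
    ("lpe-02", "SCALANCE LPE9413/LPE9433", "2.2"),
    ("aws-01", "SIMATIC Automation Workstation", "1.0"),
]


def triage(inventory) -> dict[str, list[str]]:
    """Group hosts by status: no_fix hosts go straight to the network-restriction
    step, update_available hosts to the maintenance window."""
    groups: dict[str, list[str]] = {}
    for host, product, version in inventory:
        groups.setdefault(fix_status(product, version), []).append(host)
    return groups


if __name__ == "__main__":
    for status, hosts in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{status:17s} {', '.join(hosts)}")
    print("naive check calls 1.25.0 fixed:", naive_is_fixed("1.25.0"))
```

The `no_fix` group is the one to hand to the network team first: those devices stay exposed after every patch window, so the firewall rules from the "Do now" step are their only control. A `not_covered` result means the version is on a branch the advisory does not list and should be rechecked against the vendor's full product table rather than assumed safe.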