Siemens SIDIS Prime
Plan PatchCVSS 8.7ICS-CERT ICSA-26-071-03Mar 10, 2026
SiemensManufacturing
Attack path
Attack VectorNetwork
Auth RequiredNone
ComplexityHigh
User InteractionNone needed
Summary
SIDIS Prime before V4.0.800 contains multiple vulnerabilities in OpenSSL, SQLite, and Node.js packages. These vulnerabilities could allow an attacker to bypass authentication, perform buffer overflows, execute arbitrary code, or cause denial of service. The vulnerabilities span improper input validation, insufficient random number generation, path traversal, cross-site scripting, integer overflow, and TLS/SSL certificate validation failures. Siemens has released V4.0.800 which addresses these issues.
What this means
What could happen
Multiple vulnerabilities in OpenSSL, SQLite, and Node.js libraries could allow an attacker to gain unauthorized access, execute code, or disrupt SIDIS Prime operations. This could compromise the integrity of data and control system availability in manufacturing environments.
Who's at risk
Manufacturing facilities using Siemens SIDIS Prime (versions below 4.0.800) for data management and industrial control should prioritize this update. This affects facilities that rely on SIDIS Prime for process data, diagnostics, or system configuration.
How it could be exploited
An attacker with network access to SIDIS Prime could exploit these library vulnerabilities to bypass authentication (CWE-295), perform out-of-bounds operations (CWE-125, CWE-787), or execute arbitrary code through improper input validation (CWE-20). The attacker could interact with the system directly or through crafted network requests targeting the vulnerable components.
Prerequisites
- Network access to SIDIS Prime (CVSS indicates non-local attack vector)
- SIDIS Prime running version before 4.0.800
- High attack complexity suggests specific conditions or detailed knowledge of the vulnerabilities may be required
Remotely exploitableHigh attack complexityMultiple vulnerable components (OpenSSL, SQLite, Node.js packages)Affects manufacturing control systems
Exploitability
Some exploitation risk — EPSS score 1.4%
Public Proof-of-Concept (PoC) on GitHub (2 repositories)
Affected products (2)
2 with fix
ProductAffected VersionsFix Status
SIDIS Prime< 4.0.8004.0.800
Remediation & Mitigation
0/4
Do now
0/2SIDIS Prime
HARDENINGRestrict network access to SIDIS Prime to only authorized users and systems; do not expose it to the internet
HARDENINGPlace SIDIS Prime behind a firewall and isolate it from business networks
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
SIDIS Prime
HOTFIXUpdate SIDIS Prime to version 4.0.800 or later
Long-term hardening
0/1SIDIS Prime
HARDENINGIf remote access to SIDIS Prime is required, use a VPN and keep the VPN software updated
CVEs (23)
CVE-2024-29857CVE-2024-30172CVE-2025-6965CVE-2025-7783CVE-2025-9232CVE-2025-9670CVE-2025-15284CVE-2025-58752CVE-2025-62522CVE-2025-64718CVE-2025-66030CVE-2025-66035CVE-2025-66412CVE-2025-69277CVE-2024-30171CVE-2024-41996CVE-2025-9230CVE-2025-12816CVE-2025-58751CVE-2025-58754CVE-2025-64756CVE-2025-66031CVE-2026-22610
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/075dac19-557a-4c35-9580-5227ad55be29Get OT security insights every Tuesday
Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.