PT-2026-24221 · Siemens+1 · Sicam Siapp Sdk

Published

2026-03-10

Updated

2026-03-18

CVE-2026-25571

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions SICAM SIAPP SDK versions prior to 2.1.7

Description The SICAM SIAPP SDK client component does not properly validate the length of certain variables before use. This can allow an attacker to send oversized input, potentially triggering a stack overflow, crashing the process, and leading to a denial of service. The vulnerability is related to incorrect handling of length parameters.

Recommendations Versions prior to 2.1.7 should be updated to version 2.1.7 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-130

Related Identifiers

BDU:2026-02983

CVE-2026-25571

Affected Products

Sicam Siapp Sdk

PT-2026-24221 · Siemens+1 · Sicam Siapp Sdk

CVE-2026-25571

Weakness Enumeration

Related Identifiers

Affected Products

References · 6