PT-2026-24222 · Siemens · Sicam Siapp Sdk
Published
2026-03-10
·
Updated
2026-03-18
·
CVE-2026-25572
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
SICAM SIAPP SDK versions prior to 2.1.7
Description
The SICAM SIAPP SDK server component lacks maximum length checks on specific variables before they are used. This allows an attacker to send oversized input, potentially triggering a stack overflow that crashes the process and could lead to a denial of service.
Recommendations
Update to version 2.1.7 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sicam Siapp Sdk