PT-2026-24223 · Siemens+1 · Sicam Siapp Sdk
Published
2026-03-10
·
Updated
2026-03-18
·
CVE-2026-25573
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
SICAM SIAPP SDK versions prior to 2.1.7
Description
The application constructs shell commands using strings provided by the user and then executes these commands. This can allow an attacker to manipulate the executed command, potentially leading to command injection and complete system compromise. The application improperly handles external control of file names or paths, which could allow an attacker to execute arbitrary commands.
Recommendations
Update SICAM SIAPP SDK to version 2.1.7 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sicam Siapp Sdk