CVE-2026-25605

CVSS 5.9 MEDIUMEPSS 0.1%CWE-73

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 5.9EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

10 Mar 2026Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The affected application performs file deletion without properly validating the file path or target. An attacker could delete files or sockets that the affected process has permission to remove, potentially resulting in denial of service or service disruption.

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

Siemens · SICAM SIAPP SDK

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://cert-portal.siemens.com/productcert/html/ssa-903736.html