CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Siemens Products using OpenSSL

unknownCVE-2025-15467
View CSAF Summary OpenSSL has published a stack based buffer overflow vulnerability that allows a remote attacker to cause a denial of service (DoS) or potentially allow for remote code execution. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. The following versions of Siemens Products using OpenSSL are affected: AI Lightweight Inference Server vers:all/* (CVE-2025-15467) Connector for Azure vers:intdot/<1.8.0 (CVE-2025-15467) Databus vers:intdot/<3.3.2 (CVE-2025-15467) HiMed Cockpit vers:all/* (CVE-2025-15467) RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) vers:all/* (CVE-2025-15467) RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) vers:all/* (CVE-2025-15467) SCALANCE LPE9403 (6GK5998-3GS00-2AC2) vers:all/* (CVE-2025-15467) SCALANCE LPE9413 (6GK5998-3GS01-2AC2) vers:all/* (CVE-2025-15467) SCALANCE LPE9433 (6GK5998-3GS11-2AC2) vers:all/* (CVE-2025-15467) SCALANCE M804PB (6GK5804-0AP00-2AA2) vers:all/* (CVE-2025-15467) SCALANCE M812-1 ADSL-Router family vers:all/* (CVE-2025-15467) SCALANCE M816-1 ADSL-Router family vers:all/* (CVE-2025-15467) SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) vers:all/* (CVE-2025-15467) SCALANCE M874-2 (6GK5874-2AA00-2AA2) vers:all/* (CVE-2025-15467) SCALANCE M874-3 (6GK5874-3AA00-2AA2) vers:all/* (CVE-2025-15467) SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) vers:all/* (CVE-2025-15467) SCALANCE M876-3 (6GK5876-3AA02-2BA2) vers:all/* (CVE-2025-15467) SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) vers:all/* (CVE-2025-15467) SCALANCE M876-4 (6GK5876-4AA10-2BA2) vers:all/* (CVE-2025-15467) SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) vers:all/* (CVE-2025-15467) SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) vers:all/* (CVE-2025-15467) SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1) vers:all/* (CVE-2025-15467) SCALANCE MUB852-1 (B1) (6GK

CSIRTS triage

vendor: SiemensDenial of serviceRemote code executionaffected: various versions prior to specified updates
What
A stack-based buffer overflow vulnerability could lead to denial of service or remote code execution.
Who is affected
Users of Siemens products utilizing OpenSSL.
Urgency
Remediation is urgent due to the potential for severe exploitation.
Action
Update to the latest versions of affected Siemens products.

AI-assisted analysis generated from the source advisory — verify against the original.

Details

Source
CISA Cybersecurity Advisories (US · national-cert · site)
Severity
unknown
Published
2026-06-23
Exploitation
Not in CISA KEV at last sync

Original advisory: https://www.cisa.gov/news-events/ics-advisories/icsa-26-174-03

Exploitation outlook

EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2025-15467coverage & exploitation statusNVD · CVE.org

Same CVEs, other sources

How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.

More from CISA Cybersecurity Advisories