216.73.217.22

CVE-2026-27664

· Published 26/03/2026 15:16 · Modified 26/03/2026 15:16

Labels: CVE-2026-27664 2026-03-26CVE-2026-27664CWE-787[email protected]

Essential information

Published
26/03/2026 15:16
Modified
26/03/2026 15:16
Author
Creator
CVSS
8.7 HIGH (v3) 8.7 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.10), SICORE Base system (All versions < V26.10.0). The affected application contains an out-of-bounds write vulnerability while parsing specially crafted XML inputs. This could allow an unauthenticated attacker to exploit this issue by sending a malicious XML request, which may cause the service to crash, resulting in a denial-of-service condition.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
siemens / cpci85 cpe:2.3:a:siemens:cpci85:*:<26.10>:*:*:*:*:*:*
siemens / sicore base system cpe:2.3:a:siemens:sicore_base_system:*:<26.10.0>:*:*:*:*:*:*

References