A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base system (All versions < V26.20.0). The affected application contains insufficient validation of authentication credentials when processing administrative account modifications through the web API. This could allow an authenticated attacker to bypass security controls and gain unauthorized elevated privileges.
Metrics
Affected Vendors & Products
References
History
Thu, 09 Jul 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 09 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Siemens
Siemens cpci85 Central Processing\/communication Siemens sicore Base System |
|
| Vendors & Products |
Siemens
Siemens cpci85 Central Processing\/communication Siemens sicore Base System |
Thu, 09 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base system (All versions < V26.20.0). The affected application contains insufficient validation of authentication credentials when processing administrative account modifications through the web API. This could allow an authenticated attacker to bypass security controls and gain unauthorized elevated privileges. | |
| Weaknesses | CWE-620 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: siemens
Published:
Updated: 2026-07-09T17:37:43.135Z
Reserved: 2026-06-16T07:47:12.274Z
Link: CVE-2026-54801
Updated: 2026-07-09T17:37:39.245Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-09T15:30:05Z