Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Thu, 09 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Siemens
Siemens cpci85 Central Processing\/communication Siemens sicore Base System |
|
| Vendors & Products |
Siemens
Siemens cpci85 Central Processing\/communication Siemens sicore Base System |
Thu, 09 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base system (All versions < V26.20.0). The affected application contains insufficient validation of authentication credentials when processing administrative account modifications through the web API. This could allow an authenticated attacker to bypass security controls and gain unauthorized elevated privileges. | |
| Weaknesses | CWE-620 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: siemens
Published:
Updated: 2026-07-09T14:15:54.353Z
Reserved: 2026-06-16T07:47:12.274Z
Link: CVE-2026-54801
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-09T15:30:05Z