CVE-2026-25571
Received Received - Intake

Stack Overflow in SICAM SIAPP SDK Client Causes DoS

Vulnerability report for CVE-2026-25571, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-03-10

Last updated on: 2026-03-13

Assigner: Siemens AG

Description

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK client component does not enforce maximum length checks on certain variables before use. This could allow an attacker to send an oversized input that could trigger a stack overflow crashing the process and potentially causing denial of service.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-03-10
Last Modified
2026-03-13
Generated
2026-07-06
AI Q&A
2026-03-10
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
siemens sicam_siapp_sdk to 2.17 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-130 The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the SICAM SIAPP SDK client component versions prior to V2.1.7. The issue is that the software does not enforce maximum length checks on certain variables before using them. As a result, an attacker can send input that is larger than expected, which can cause a stack overflow.

A stack overflow can crash the process running the SDK client component, potentially leading to denial of service.

Impact Analysis

The primary impact of this vulnerability is that an attacker could cause the affected process to crash by sending oversized input, resulting in a denial of service condition.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-25571. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart