CVE-2026-33892
Authentication Bypass in Siemens Industrial Edge Management Remote Access
Publication date: 2026-04-14
Last updated on: 2026-04-14
Assigner: Siemens AG
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| siemens | industrial_edge_management_pro_v1 | From 1.7.6 (inc) to 1.15.17 (exc) |
| siemens | industrial_edge_management_pro_v2 | From 2.0.0 (inc) to 2.1.1 (exc) |
| siemens | industrial_edge_management_virtual | From 2.2.0 (inc) to 2.8.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-305 | The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows an unauthenticated remote attacker to bypass authentication and impersonate a legitimate user, potentially leading to unauthorized access to sensitive industrial edge devices.
Such unauthorized access could result in exposure or manipulation of sensitive data or systems, which may impact compliance with standards and regulations like GDPR or HIPAA that require strict access controls and protection of sensitive information.
Mitigations such as applying updates, limiting network access to trusted parties, and following Siemensβ security recommendations are critical to maintaining compliance and reducing the risk posed by this vulnerability.
Can you explain this vulnerability to me?
This vulnerability exists in Siemens Industrial Edge Management products where the management systems do not properly enforce user authentication on remote connections to devices.
An unauthenticated remote attacker who knows the specific header and port used for remote connections, and if the remote connection feature is enabled on the device, can bypass authentication and impersonate a legitimate user.
Exploitation allows the attacker to tunnel to the device, but security features on the device itself, such as app-specific authentication, are not affected.
How can this vulnerability impact me? :
If exploited, this vulnerability allows an unauthenticated remote attacker to gain unauthorized access to Industrial Edge Devices by bypassing authentication on remote connections.
This unauthorized access could lead to the attacker impersonating legitimate users and potentially accessing sensitive device functions or data accessible through the remote connection.
However, security features on the device itself, such as app-specific authentication, remain intact and are not compromised by this vulnerability.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves identifying if the affected Industrial Edge Management products are running vulnerable versions and if the remote connection feature is enabled.
Since exploitation requires knowledge of the specific header and port used for remote connections, network monitoring tools can be used to detect unusual or unauthorized remote connection attempts to these ports.
Commands to check the version of the Industrial Edge Management software on your system can help determine if the product is vulnerable. For example, querying the software version via the product's management interface or using system package/version commands depending on the deployment environment.
- Use network scanning tools (e.g., nmap) to identify open ports related to the remote connection feature.
- Monitor network traffic for headers associated with remote connections to Industrial Edge devices.
- Check the software version of Industrial Edge Management Pro or Virtual to confirm if it falls within the vulnerable range.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the product-specific updates that fix the vulnerability.
- Update Industrial Edge Management Pro V1 to version 1.15.17 or later.
- Update Industrial Edge Management Pro V2 to version 2.1.1 or later.
- Update Industrial Edge Management Virtual to version 2.8.0 or later.
Additionally, limit network access to affected products strictly to trusted parties and follow Siemensβ general security recommendations, including protecting network access with appropriate mechanisms and configuring the environment according to Siemensβ operational guidelines for Industrial Security.