Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Thu, 09 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Siemens
Siemens cpci85 Central Processing\/communication Siemens sicore Base System |
|
| Vendors & Products |
Siemens
Siemens cpci85 Central Processing\/communication Siemens sicore Base System |
Thu, 09 Jul 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 09 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base system (All versions < V26.20.0). The affected application contains a vulnerability in its firmware update mechanism's signature validation process. This could allow an attacker to install malicious firmware, leading to persistent code execution and system compromise. | |
| Weaknesses | CWE-489 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: siemens
Published:
Updated: 2026-07-09T14:46:38.615Z
Reserved: 2026-06-16T07:47:12.273Z
Link: CVE-2026-54799
Updated: 2026-07-09T14:46:35.722Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-09T15:30:05Z