← Back to home
ICSA-25-072-11  ·  Published 2026-05-14  ·  View on CISA ICS-CERT ↗

Siemens SIMATIC IPC Family, ITP1000, and Field PGs

CVSS 8.2 HIGH

Risk Summary

Multiple vulnerabilities has been identified in Siemens SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs that can allow an authenticated attacker to alter the secure boot and password configurations. Siemens has released new versions of BIOS for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.

CVEs (2)

Remediations

  • Restrict access to root/administrator permission for the operating system
  • Currently no fix is planned
  • Currently no fix is available
  • Update to V1.1.4 or later version
  • Update to V25.02.15 or later version
  • Update to V27.01.11 or later version
  • Update to V28.01.14 or later version
  • Update to V29.01.07 or later version
  • Update to V31.01.07 or later version
  • Update to V32.01.04 or later version
  • Update to V35.01.12 or later version
  • Update to V35.02.10 or later version
  • Update to V36.01.03 or later version
  • Update to V26.01.12 or later version

Affected Vendors

Siemens

Affected Products (32)

Siemens · SIMATIC Field PG M5 vers:all/*
Siemens · SIMATIC Field PG M6 vers:intdot/<26.01.12
Siemens · SIMATIC IPC BX-21A vers:intdot/<31.01.07
Siemens · SIMATIC IPC BX-32A vers:intdot/<29.01.07
Siemens · SIMATIC IPC BX-39A vers:intdot/<29.01.07
Siemens · SIMATIC IPC BX-59A vers:intdot/<32.01.04
Siemens · SIMATIC IPC PX-32A vers:intdot/<29.01.07
Siemens · SIMATIC IPC PX-39A vers:intdot/<29.01.07
Siemens · SIMATIC IPC PX-39A PRO vers:intdot/<29.01.07
Siemens · SIMATIC IPC RC-543A vers:intdot/<36.01.03
Siemens · SIMATIC IPC RC-543B vers:intdot/<35.01.12
Siemens · SIMATIC IPC RW-543A vers:intdot/<1.1.4
Siemens · SIMATIC IPC RW-543B vers:intdot/<35.02.10
Siemens · SIMATIC IPC127E vers:intdot/<27.01.11
Siemens · SIMATIC IPC227E vers:all/*
Siemens · SIMATIC IPC227G vers:intdot/<28.01.14
Siemens · SIMATIC IPC277E vers:all/*
Siemens · SIMATIC IPC277G vers:intdot/<28.01.14
Siemens · SIMATIC IPC277G PRO vers:intdot/<28.01.14
Siemens · SIMATIC IPC3000 SMART V3 vers:all/*
Siemens · SIMATIC IPC327G vers:intdot/<28.01.14
Siemens · SIMATIC IPC347G vers:all/*
Siemens · SIMATIC IPC377G vers:intdot/<28.01.14
Siemens · SIMATIC IPC427E vers:all/*
Siemens · SIMATIC IPC477E vers:all/*
Siemens · SIMATIC IPC477E PRO vers:all/*
Siemens · SIMATIC IPC527G vers:all/*
Siemens · SIMATIC IPC627E vers:intdot/<25.02.15
Siemens · SIMATIC IPC647E vers:intdot/<25.02.15
Siemens · SIMATIC IPC677E vers:intdot/<25.02.15
Siemens · SIMATIC IPC847E vers:intdot/<25.02.15
Siemens · SIMATIC ITP1000 vers:all/*

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more