← Back to home
ICSA-26-111-01  ·  Published 2026-04-14  ·  View on CISA ICS-CERT ↗

Siemens TPM 2.0

CVSS 6.6 MEDIUM

Risk Summary

The products listed below contain a vulnerability that could allow an attacker to perform an out-of-bound read, potentially leading to information disclosure or denial of service of the TPM. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not, or not yet available.

CVEs (1)

Remediations

  • Currently no fix is planned
  • Currently no fix is available
  • Update to V21.01.20 or later version
  • Update to V29.01.09 or later version
  • Update to V30.01.10 or later version
  • Update to V32.01.09 or later version
  • Update to V34.01.02 or later version

Affected Vendors

Siemens

Affected Products (24)

Siemens · SIMATIC CN 4100 vers:all/*
Siemens · SIMATIC Field PG M5 vers:all/*
Siemens · SIMATIC Field PG M6 vers:all/*
Siemens · SIMATIC IPC BX-32A vers:intdot/<29.01.09
Siemens · SIMATIC IPC BX-39A vers:intdot/<29.01.09
Siemens · SIMATIC IPC BX-56A vers:intdot/<32.01.09
Siemens · SIMATIC IPC BX-59A vers:intdot/<32.01.09
Siemens · SIMATIC IPC MD-57A vers:intdot/<30.01.10
Siemens · SIMATIC IPC PX-32A vers:intdot/<29.01.09
Siemens · SIMATIC IPC PX-39A vers:intdot/<29.01.09
Siemens · SIMATIC IPC PX-39A PRO vers:intdot/<29.01.09
Siemens · SIMATIC IPC RW-528A vers:intdot/<34.01.02
Siemens · SIMATIC IPC RW-548A vers:intdot/<34.01.02
Siemens · SIMATIC IPC227E vers:all/*
Siemens · SIMATIC IPC277E vers:all/*
Siemens · SIMATIC IPC427E vers:intdot/<21.01.20
Siemens · SIMATIC IPC477E vers:intdot/<21.01.20
Siemens · SIMATIC IPC477E PRO vers:intdot/<21.01.20
Siemens · SIMATIC IPC627E vers:all/*
Siemens · SIMATIC IPC647E vers:all/*
Siemens · SIMATIC IPC677E vers:all/*
Siemens · SIMATIC IPC847E vers:all/*
Siemens · SIMATIC ITP1000 vers:all/*
Siemens · SIPLUS IPC427E vers:intdot/<21.01.20

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more