ICSA-26-111-04
·
Published 2026-04-14
·
View on CISA ICS-CERT ↗
Siemens Analytics Toolkit
CVSS 3.7
LOW
Risk Summary
Multiple Siemens applications are affected by improper certificate validation in Siemens Analytics Toolkit. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Siemens has released new versions for the affected products and recommends to update to the latest versions.
CVEs (1)
Remediations
- Update to V225.0 Update 13 or later version
- Update to V226.0 Update 04 or later version
- Update to V2504.0008 or later version
- Update to V2506.0002 or later version
- Update to V2506.6000 or later version
- Update to V2602 or later version
- Update to V3.5.8.2 or later version
Affected Vendors
Siemens
Affected Products (7)
Siemens
·
Siemens Software Center
vers:intdot/<3.5.8.2
Siemens
·
Simcenter 3D
vers:intdot/<2506.6000
Siemens
·
Simcenter Femap
vers:intdot/<2506.0002
Siemens
·
Simcenter STAR-CCM+
vers:intdot/<2602
Siemens
·
Solid Edge SE2025
<V225.0_Update_13
Siemens
·
Solid Edge SE2026
<V226.0_Update_04
Siemens
·
Tecnomatix Plant Simulation
vers:intdot/<2504.0008
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more