← Back to home
SIEMENS-SSA-085541  ·  Published 2026-05-12  ·  View on Siemens ProductCERT ↗

SSA-085541 V1.0: Missing Authentication in Critical Function in ActiveMQ Artemis (CVE-2026-27446) in Opcenter RDnL

CVSS 9.3 CRITICAL

Risk Summary

<p>Opcenter RDnL is affected by missing authentication in critical function in ‘ActiveMQ Artemis’. An unauthenticated attacker within the adjacent network could use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This could potentially result in availability impacts or message injection into any queue via the rogue broker. Breaking the integrity of a message has a low impact due to missing auto refresh functionality and it does not contain any confidential information.</p> <p>ActiveMQ Artemis has released a new version and Siemens recommends to update to the latest version.</p>

CVEs (1)

Remediations

  • Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-085541 V1.0: Missing Authentication in Critical Function in ActiveMQ Artemis (CVE-2026-27446) in Opcenter RDnL See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more