← Back to home
SIEMENS-SSA-201595  ·  Published 2026-03-10  ·  View on Siemens ProductCERT ↗

SSA-201595 V1.3 (Last Update: 2026-03-10): Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager

CVSS N/A MEDIUM

Risk Summary

<p>Versions V5.0 through V8 of the Desigo CC product family (Desigo CC, Desigo CC Compact, Desigo CC Connect, Cerberus DMS), as well as the Desigo CC-based SENTRON Powermanager, are affected by a vulnerability in the underlying third-party component WIBU Systems CodeMeter Runtime. Successful exploitation of this vulnerability could allow privilege escalation.</p> <p>Siemens has released instructions how to update the CodeMeter Runtime component and recommends to apply the update on affected systems.</p>

Remediations

  • Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-201595 V1.3 (Last Update: 2026-03-10): Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more