SIEMENS-SSA-282044 · Published 2026-03-10 · View on Siemens ProductCERT ↗

SSA-282044 V1.7 (Last Update: 2026-03-10): DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery

CVSS N/A MEDIUM

Risk Summary

<p>The installers used to install several Siemens products are affected by a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected installer component. This vulnerability poses a risk only during setup and installation phase of the affected applications downloaded e.g. via OSD (Online Software Delivery).</p> <p>Siemens has released new versions for several affected products and recommends using the latest versions during setup and installation. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.</p>

Remediations

Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-282044 V1.7 (Last Update: 2026-03-10): DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more