Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3375 articles · 175382 vulns · 37/41 feeds (7d)
← Back to list
6.7
CVE-2026-54799EXPLOITEDPATCHED
siemens · cpci85 central processing/communication

CVE-2026-54799: A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base syst

Description

A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base system (All versions < V26.20.0). The affected application contains a vulnerability in its firmware update mechanism's signature validation process. This could allow an attacker to install malicious firmware, leading to persistent code execution and system compromise.

Affected Products

VendorProductVersions
siemenscpci85 central processing/communication0, 0

Also Affects

Downstream vendors/products affected by this vulnerability

VendorProductSourceConfidence
siemenssicore base systemmitre_affected90%

References

  • https://cert-portal.siemens.com/productcert/html/ssa-229470.html

Related News (2 articles)

Tier B
CERT-FR4d ago
Multiples vulnérabilités dans les produits Siemens (10 juillet 2026)
→ No new info (linked only)
Tier C
VulDB5d ago
CVE-2026-54799 | Siemens CPCI85 Central Processing up to 26.19 Signature Validation data authenticity
→ No new info (linked only)
CVSS 3.16.7 MEDIUM
VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA KEV❌ No
Actively exploited✅ Yes
Patch available
V26.20V26.20.0
CWECWE-489
PublishedJul 9, 2026
Last enriched5d agov2
Tags
critical
Trending Score29
Source articles2
Independent2
Info Completeness9/14
Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

MEDIUMCVE-2025-40945EXP
CVE-2025-40945: A vulnerability has been identified in COMOS V10.4.5 (All versions < V10.4.5.0.2), COMOS V10.6 (All versions < V10.6.1),
Trending: 46
CRITICALCVE-2026-56451
CVE-2026-56451: A vulnerability has been identified in Opcenter X (All versions < V2604). Affected applications do not properly validate
Trending: 44
HIGHCVE-2026-54429
CVE-2026-54429: A vulnerability has been identified in SIMATIC S7-PLCSIM Advanced (All versions). Affected devices do not properly handl
Trending: 38
HIGHCVE-2026-54801EXP
CVE-2026-54801: A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base syst
Trending: 31
MEDIUMCVE-2026-54798EXP
CVE-2026-54798: A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base syst
Trending: 26

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jul 9, 2026
Discovered by ZDM
Jul 9, 2026
Updated: description, severity, activelyExploited, affectedVersions, tags
Jul 9, 2026
Actively Exploited
Jul 9, 2026
Patch Available
Jul 9, 2026

Version History

v2
Last enriched 5d ago
v2Tier C5d ago

Updated severity to HIGH, added affected version 26.19, and changed exploit availability status.

descriptionseverityactivelyExploitedaffectedVersionstags
via VulDB
v15d ago

Initial creation