Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
2852 articles · 175149 vulns · 37/41 feeds (7d)
← Back to list
10.0
CVE-2026-56451PATCHED
siemens · opcenter x

CVE-2026-56451: A vulnerability has been identified in Opcenter X (All versions < V2604). Affected applications do not properly validate

Description

A vulnerability has been identified in Opcenter X (All versions < V2604). Affected applications do not properly validate the algorithm specified in the JSON Web Token (JWT) header. This could allow an unauthenticated remote attacker to forge arbitrary JWT, bypass authentication mechanisms and impersonate any user including administrative accounts, potentially gaining full unauthorized access to the application.

Affected Products

VendorProductVersions
siemensopcenter x0

References

  • https://cert-portal.siemens.com/productcert/html/ssa-096828.html

Related News (1 articles)

Tier C
VulDB6h ago
CVE-2026-56451 | Siemens Opcenter X up to 2603 JWT Header Validation improper authorization
→ No new info (linked only)
CVSS 3.110.0 CRITICAL
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CISA KEV❌ No
Actively exploited❌ No
Patch available
V2604
CWECWE-347
PublishedJul 14, 2026
Last enriched5h agov2
Trending Score44
Source articles1
Independent1
Info Completeness9/14
Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

MEDIUMCVE-2025-40945EXP
CVE-2025-40945: A vulnerability has been identified in COMOS V10.4.5 (All versions < V10.4.5.0.2), COMOS V10.6 (All versions < V10.6.1),
Trending: 47
HIGHCVE-2026-54429
CVE-2026-54429: A vulnerability has been identified in SIMATIC S7-PLCSIM Advanced (All versions). Affected devices do not properly handl
Trending: 38
HIGHCVE-2026-54801EXP
CVE-2026-54801: A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base syst
Trending: 31
MEDIUMCVE-2026-54799EXP
CVE-2026-54799: A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base syst
Trending: 29
MEDIUMCVE-2026-54798EXP
CVE-2026-54798: A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base syst
Trending: 26

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jul 14, 2026
Discovered by ZDM
Jul 14, 2026
Updated: affectedVersions
Jul 14, 2026
Patch Available
Jul 14, 2026

Version History

v2
Last enriched 5h ago
v2Tier C5h ago

Updated affected versions to include 2603 and clarified that no exploit is available.

affectedVersions
via VulDB
v15h ago

Initial creation