CVE-2026-22924 · CRITICAL 9.1 · EPSS p21.4%


Description

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application does not properly restrict unauthenticated connections and is susceptible to resource exhaustion conditions. This could allow an attacker to disrupt normal operations or perform unauthorized actions, potentially impacting system availability and integrity.

Scoring

CVSS 3.1: 9.1 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
EPSS: 0.30% probability of exploitation · percentile 21.4% · 2026-06-19T12:03:05Z
Published: 2026-05-12
Last modified: 2026-05-12

Underlying weaknesses · 1

CWE-306

References

  1. https://cert-portal.siemens.com/productcert/html/ssa-032379.html


Type | Target | Confidence | Tier
Weakness | Missing Authentication for Critical Function (cwe-306) | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2025-40937
  2. CVE-2025-40938
  3. CVE-2025-40771
  4. CVE-2022-40227
  5. CVE-2025-40798
  6. CVE-2025-40796

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.