CVE Catalog

CVE-2026-22924

CriticalCVSS 9.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.30%

22th percentile — higher than 22% of all known CVEs

Summary

A vulnerability in SIMATIC CN 4100 (versions prior to V5.0) allows unauthenticated attackers to exhaust resources via unrestricted connections. This can disrupt normal device operations.

Risk Assessment

An attacker can cause system unavailability (DoS) or perform unauthorized actions, impacting system availability and integrity.

Recommendation

Immediately update to version V5.0 or later. If not possible, restrict network access to the device to trusted hosts only.

Original NVD description (English source)

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application does not properly restrict unauthenticated connections and is susceptible to resource exhaustion conditions. This could allow an attacker to disrupt normal operations or perform unauthorized actions, potentially impacting system availability and integrity.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS