CVE-2026-22924
CriticalCVSS 9.1Exploitation Probability (EPSS)
Low risk22th percentile — higher than 22% of all known CVEs
Summary
A vulnerability in SIMATIC CN 4100 (versions prior to V5.0) allows unauthenticated attackers to exhaust resources via unrestricted connections. This can disrupt normal device operations.
Risk Assessment
An attacker can cause system unavailability (DoS) or perform unauthorized actions, impacting system availability and integrity.
Recommendation
Immediately update to version V5.0 or later. If not possible, restrict network access to the device to trusted hosts only.
Original NVD description (English source)
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application does not properly restrict unauthenticated connections and is susceptible to resource exhaustion conditions. This could allow an attacker to disrupt normal operations or perform unauthorized actions, potentially impacting system availability and integrity.

