CVE-2026-22924
Siemens · SIMATIC CN 4100
The Siemens SIMATIC CN 4100 is susceptible to an unauthenticated resource exhaustion vulnerability that can lead to service disruption or unauthorized operational interference.
Executive summary
A critical vulnerability in Siemens SIMATIC CN 4100 versions prior to V5.0 allows unauthenticated attackers to cause resource exhaustion, threatening industrial system availability.
Vulnerability
This vulnerability involves the improper restriction of unauthenticated connections, which can be leveraged to trigger resource exhaustion conditions. An unauthenticated attacker can exploit this to disrupt normal industrial operations or perform unauthorized actions.
Business impact
The exploitation of this vulnerability poses a significant risk to operational technology (OT) environments, potentially causing critical system downtime or the loss of process integrity. With a CVSS score of 9.1, the vulnerability is classified as critical due to the ease of access for unauthenticated attackers and the potential for severe impact on industrial infrastructure.
Remediation
Immediate Action: Upgrade all instances of Siemens SIMATIC CN 4100 to version V5.0 or later as mandated by the vendor advisory.
Proactive Monitoring: Monitor network traffic and system logs for spikes in connection requests or anomalous resource consumption patterns indicative of a denial-of-service attempt.
Compensating Controls: Implement strict network segmentation and firewall rules to restrict access to the SIMATIC CN 4100 management interface to trusted, authorized IP addresses only.
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
Given the critical severity of this vulnerability, immediate patching is required to prevent potential operational disruption. Organizations should prioritize updating affected SIMATIC CN 4100 devices and verify that network access is strictly controlled until updates are fully deployed.