CVE-2026-22924

Siemens · SIMATIC CN 4100

The Siemens SIMATIC CN 4100 is susceptible to an unauthenticated resource exhaustion vulnerability that can lead to service disruption or unauthorized operational interference.

Executive summary

A critical vulnerability in Siemens SIMATIC CN 4100 versions prior to V5.0 allows unauthenticated attackers to cause resource exhaustion, threatening industrial system availability.

Vulnerability

This vulnerability involves the improper restriction of unauthenticated connections, which can be leveraged to trigger resource exhaustion conditions. An unauthenticated attacker can exploit this to disrupt normal industrial operations or perform unauthorized actions.

Business impact

The exploitation of this vulnerability poses a significant risk to operational technology (OT) environments, potentially causing critical system downtime or the loss of process integrity. With a CVSS score of 9.1, the vulnerability is classified as critical due to the ease of access for unauthenticated attackers and the potential for severe impact on industrial infrastructure.

Remediation

Immediate Action: Upgrade all instances of Siemens SIMATIC CN 4100 to version V5.0 or later as mandated by the vendor advisory.

Proactive Monitoring: Monitor network traffic and system logs for spikes in connection requests or anomalous resource consumption patterns indicative of a denial-of-service attempt.

Compensating Controls: Implement strict network segmentation and firewall rules to restrict access to the SIMATIC CN 4100 management interface to trusted, authorized IP addresses only.

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

Given the critical severity of this vulnerability, immediate patching is required to prevent potential operational disruption. Organizations should prioritize updating affected SIMATIC CN 4100 devices and verify that network access is strictly controlled until updates are fully deployed.