CISA 2026-05-14

Siemens SIMATIC

Machine-generated analysis · WAYSCloud LLM

SIMATIC CN 4100 versions before 5.0 contain 37 distinct vulnerability types. Siemens recommends updating to the latest version.

Context

SIMATIC CN 4100 is an industrial communication module from Siemens. The advisory states that multiple vulnerabilities could compromise availability, integrity, and confidentiality. The list of CVSS v3 base scores includes one rated 9.6, indicating a high-severity vulnerability among the many types listed.

Operator considerations

Check: Inventory all SIMATIC CN 4100 devices for versions below 5.0.
Patch: Update affected devices to version 5.0 or later as recommended by Siemens.

From Cybersecurity and Infrastructure Security Agency ↗

SIMATIC CN 4100 contains multiple vulnerabilities which could potentially lead to a compromise in availability, integrity and confidentiality. Siemens has released a new version for SIMATIC CN 4100 and recommends to update to the latest version.

The following versions of Siemens SIMATIC are affected:

SIMATIC CN 4100 vers:intdot/

Read the full advisory on CISA →