Siemens SICAM SIAPP SDK Stack Overflow Vulnerability Leading to Denial-of-Service

Vulnerability

A denial-of-service vulnerability has been identified in the Siemens SICAM SIAPP SDK client component, affecting all versions prior to V2.1.7. The SDK does not enforce maximum length checks on certain variables, so an attacker can send oversized inputs that trigger a stack-based buffer overflow. The resulting crash of the process causes a denial-of-service condition.
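The defect class the advisory describes, as an added illustration that is not SIAPP SDK code: a hypothetical record parser that trusts a declared length (the unchecked pattern) beside a version that bounds it against both the buffer capacity and the bytes actually received. The record format, MAX_VAR_LEN and all function names are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical record format (constructed, not the SIAPP SDK wire format):
 * a 2-byte big-endian length prefix followed by that many value bytes. */
#define MAX_VAR_LEN 64

typedef struct {
    char value[MAX_VAR_LEN];
    size_t len;
} variable_t;

/* The defect class from the advisory: the declared length is trusted and
 * copied into a fixed-size stack buffer. Shown for contrast only; never
 * called below, since an oversized record writes past 'buf' and crashes. */
int parse_variable_unchecked(const uint8_t *msg, size_t msg_len, variable_t *out) {
    char buf[MAX_VAR_LEN];
    if (msg_len < 2) return -1;
    size_t declared = ((size_t)msg[0] << 8) | msg[1];
    memcpy(buf, msg + 2, declared);          /* no bound on 'declared' */
    memcpy(out->value, buf, declared);
    out->len = declared;
    return 0;
}

/* Hardened parser: bounds the declared length against the buffer capacity and
 * against the bytes actually received before any copy. 0 = ok, -1 = rejected. */
int parse_variable_checked(const uint8_t *msg, size_t msg_len, variable_t *out) {
    if (msg == NULL || out == NULL || msg_len < 2) return -1;
    size_t declared = ((size_t)msg[0] << 8) | msg[1];
    if (declared > MAX_VAR_LEN) return -1;   /* oversized: reject, do not copy */
    if (declared > msg_len - 2) return -1;   /* truncated: claims more than sent */
    memcpy(out->value, msg + 2, declared);
    out->len = declared;
    return 0;
}

/* Constructed samples; each returns the parsed length, or -1 if rejected. */
int demo_valid_record(void) {
    const uint8_t msg[] = { 0x00, 0x05, 'h', 'e', 'l', 'l', 'o' };
    variable_t v;
    return parse_variable_checked(msg, sizeof msg, &v) == 0 ? (int)v.len : -1;
}
int demo_oversized_record(void) {           /* declares 1000 bytes > MAX_VAR_LEN */
    uint8_t msg[2 + 1000] = { 0x03, 0xE8 };
    memset(msg + 2, 'A', 1000);
    variable_t v;
    return parse_variable_checked(msg, sizeof msg, &v) == 0 ? (int)v.len : -1;
}
```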

Impact

Exploitation of this vulnerability can lead to a stack-based buffer overflow that crashes the process and, according to the Siemens Security Advisory SSA-903736, could potentially allow arbitrary code execution.

Remediation

Users are advised to update to SICAM SIAPP SDK version 2.1.7 or later. The latest version can be downloaded from the Siemens GitHub repository.

Added: Mar 10, 2026, 7:22 PM
Updated: Mar 10, 2026, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 4.7
remediation: 0.0
relevance: 3.7
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.