Siemens SICAM SIAPP SDK Stack Overflow Vulnerability in Server Component Allowing Denial-of-Service

Vulnerability

A denial-of-service vulnerability has been identified in the Siemens SICAM SIAPP SDK server component, all versions prior to 2.1.7. The vulnerability arises because the server does not enforce maximum length checks on certain variables, allowing an attacker to send oversized inputs that could trigger a stack overflow. This overflow could crash the process, leading to a denial-of-service condition.
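The class of defect described above, as an added example in C (not Siemens code; the page does not describe the SDK's message format): a request handler that enforces a maximum length before copying a sender-supplied variable into a stack buffer. The length-prefixed wire format, the 64-byte limit and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define VAR_MAX_LEN 64  /* assumed limit; the real one is not on the page */

enum parse_status { PARSE_OK = 0, PARSE_TRUNCATED = -1, PARSE_TOO_LONG = -2 };

/* Hypothetical wire format (constructed for this example):
 *   [2-byte big-endian length][value bytes]
 * Copies the value into out (capacity out_cap) and NUL-terminates it. */
int read_variable(const uint8_t *msg, size_t msg_len, char *out, size_t out_cap)
{
    if (msg_len < 2)
        return PARSE_TRUNCATED;
    size_t declared = ((size_t)msg[0] << 8) | msg[1];
    /* The maximum length check: without it, the memcpy below is bounded
     * only by a length the sender chose, not by the destination buffer. */
    if (declared > VAR_MAX_LEN || declared >= out_cap)
        return PARSE_TOO_LONG;
    /* The declared length must also fit in the bytes actually received. */
    if (declared > msg_len - 2)
        return PARSE_TRUNCATED;

    memcpy(out, msg + 2, declared);
    out[declared] = '\0';
    return PARSE_OK;
}

/* Handler holding the fixed-size stack buffer; returns the value length or an error. */
int handle_request(const uint8_t *msg, size_t msg_len)
{
    char name[VAR_MAX_LEN + 1];
    int rc = read_variable(msg, msg_len, name, sizeof name);
    if (rc != PARSE_OK)
        return rc;  /* reject the request; the process keeps running */
    return (int)strlen(name);
}

/* Builds a constructed request (declared vs. actual length) and handles it. */
int handle_constructed(size_t declared, size_t actual)
{
    uint8_t msg[2 + 512] = {0};
    if (actual > 512) actual = 512;
    msg[0] = (uint8_t)(declared >> 8);
    msg[1] = (uint8_t)(declared & 0xff);
    memset(msg + 2, 'A', actual);
    return handle_request(msg, 2 + actual);
}
```

Oversized and truncated requests come back as error codes instead of reaching the copy, so the handler rejects them and continues serving.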

Impact

Exploitation of this vulnerability can cause a stack overflow, crashing the server process and leading to a denial-of-service condition.

Remediation

Siemens has released a new version of the SICAM SIAPP SDK. Users are advised to update to version 2.1.7 or later. The updated version is available on the Siemens GitHub repository.

Added: Mar 10, 2026, 7:21 PM
Updated: Mar 10, 2026, 7:21 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 7.4
remediation: 0.0
relevance: 3.7
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.