CVE-2026-25787

NVD data not available for this CVE. It may be pending analysis or not yet published.

Related Intelligence (2)

Siemens SIMATIC S7 PLC Web Server

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-134-15.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>SIMATIC S7 PLCs contain multiple vulnerabilities in the web server that could allow an attacker to perform cross-site scripting attacks. Siemens has released new versions for several affected products and recommends to update to the l

CVE-2026-25786CVE-2026-25787

4d agoCISA Advisories

CRITICALVulnerability

NVD CRITICAL: CVE-2026-25787 — Affected devices do not properly validate and sanitize Technology Object (TO) na...

Affected devices do not properly validate and sanitize Technology Object (TO) name rendered on the "Motion Control Diagnostics" page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the page. If a benign user with appropriate rights accesses the "Motion Control Diagnostics" parameters pa

CVE-2026-25787

6d agoNIST NVD