BetaIT-Hub is in early access — your feedback helps us improve. Use the chat or email [email protected]

News Vulnerability
VulnerabilityCISA·44d ago

Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC)

p a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-08.json" strong View CSAF /strong /a /p h2 Summary /h2 p strong RUGGEDCOM CROSSBOW Station Access Controller (SAC) contains a vulnerability that could allow an attacker to achieve arbitrary code execution and to create a denial of service condition. Siemens has released a new version for RUGGEDCOM CROSSBOW Station Access Controller (SAC) and recommends to update to the latest version. /strong /p p The following versions of Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC) are affected: /p ul li RUGGEDCOM CROSSBOW Station Access Controller (SAC) vers:intdot/ lt;5.8 (CVE-2025-6965) /li /ul div class="csaf-table" table class="tablesaw tablesaw-stack" data-tablesaw-mode="stack" data-tablesaw-minimap thead tr th role="columnheader" data-tablesaw-priority="persist" CVSS /th th role="columnheader" Vendor /th th role="columnheader" Equipment /th th role="columnheader" Vulnerabilities /th /tr /thead tbody tr td v3 7.7 /td td Siemens /td td Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC) /td td Numeric Truncation Error /td /tr /tbody /table /div h3 Background /h3 ul li strong Critical Infrastructure Sectors: /strong Critical Manufacturing /li li strong Countries/Areas Deployed: /strong Worldwide /li li strong Company Headquarters Location: /strong Germany /li /ul hr h2 Vulnerabilities /h2 div class="csaf-accordion" p a class="csaf-accordion-toggle-all" href="#" Expand All + /a /p div class="csaf-accordion-item" h3 a class="csaf-accordion-toggle" href="#" CVE-2025-6965 /a /h3 div class="csaf-accordion-content" p There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above. /p p a href="https://www.cve.org/CVERecord?id=CVE-2025-6965" View CVE Details /a /p hr h4 Affected Products /h4 h5 Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC) /h5 div class="ics-vendor-version-status" div class="ics-vendor" strong Vendor: /strong br Siemens /div div class="ics-version" strong Product Version: /strong br RUGGEDCOM CROSSBOW Station Access Controller (SAC) /div div class="ics-status" strong Product Status: /strong br known_affected /div /div div class="ics-remediations" h6 Remediations /h6 p strong Vendor fix /strong br Update to V5.8 or later version br a href="https://support.industry.siemens.com/cs/ww/en/view/110000841/" https://support.industry.siemens.com/cs/ww/en/view/110000841/ /a /p /div p strong Relevant CWE: /strong a href="https://cwe.mitre.org/data/definitions/197.html" CWE-197 Numeric Truncation Error /a /p hr h4 Metrics /h4 div class="csaf-table csaf-metrics-table" table class="tablesaw tablesaw-stack" data-tablesaw-mode="stack" data-tablesaw-minimap thead tr th role="columnheader" data-tablesaw-priority="persist" CVSS Version /th th role="columnheader" Base Sc

Sign in to read the full article

Create a free account to access all news, downloads, and community features

Sign inCreate account

Originally published by CISA

Source: https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-08

This article is shared for informational purposes. All rights belong to the original author and publisher. If you are the copyright holder and would like this content removed, please contact us.

Shared on IT-Hub by admin