High severity7.7NVD Advisory· Published May 12, 2026· Updated May 12, 2026

CVE-2026-27662

Description

Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place. This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performing unauthorized actions, or exploiting misconfigurations that may lead to further system compromise.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cert-portal.siemens.com/productcert/html/ssa-387223.htmlnvd

News mentions

Siemens SIMATIC
CISA Alerts

cvss	0.501
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000