Medium severity (6.0) · NVD Advisory · Published May 12, 2026 · Updated May 12, 2026

CVE-2026-41125


Description

A vulnerability has been identified in blueplanet 100 NX3 M8 (All versions), blueplanet 100 TL3 GEN2 (All versions), blueplanet 105 TL3 (All versions), blueplanet 105 TL3 GEN2 (All versions), blueplanet 110 TL3 (All versions), blueplanet 125 NX3 M11 (All versions), blueplanet 125 TL3 (All versions), blueplanet 125 TL3 GEN2 (All versions), blueplanet 137 TL3 (All versions), blueplanet 150 TL3 (All versions), blueplanet 150 TL3 GEN2 (All versions), blueplanet 155 TL3 (All versions), blueplanet 155 TL3 GEN2 (All versions), blueplanet 165 TL3 (All versions), blueplanet 165 TL3 GEN2 (All versions), blueplanet 25.0 NX3-33.0 NX3 (All versions), blueplanet 3.0 NX3-20.0 NX3 (All versions), blueplanet 3.0-5.0 NX1 (All versions), blueplanet 360 NX3 M6 (All versions), blueplanet 50.0 NX3-60.0 NX3 (All versions), blueplanet 87.0 TL3 (All versions), blueplanet 87.0 TL3 GEN2 (All versions), blueplanet 92.0 TL3 (All versions), blueplanet 92.0 TL3 GEN2 (All versions), blueplanet gridsafe 110 TL3-S (All versions), blueplanet gridsafe 137 TL3-S (All versions), blueplanet gridsafe 92.0 TL3-S (All versions), blueplanet hybrid 10.0 TL3 (All versions), blueplanet hybrid 6.0 NH3-12.0 NH3 (All versions). Improper neutralization of special elements used in an SQL command ('SQL injection') in the KACO Meteor server allows an authorized attacker to elevate privileges over a local network.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

SQL injection in the KACO Meteor server of multiple blueplanet inverters allows an authorized attacker to elevate privileges locally.

Vulnerability Analysis

The vulnerability resides in the KACO Meteor server component of numerous KACO blueplanet inverter product lines. The root cause is an improper neutralization of special elements used in an SQL command ('SQL injection'). This flaw allows an authorized attacker to inject arbitrary SQL commands into the backend database [1].

Attack Vector

The attacker must already have some level of local network access and authorization to the affected device. The attack is executed over the local network, exploiting the SQL injection vulnerability in the Meteor server. No other prerequisites are mentioned in the available sources [1].

Impact

A successful exploit could allow the attacker to elevate their privileges, potentially gaining administrative control over the affected inverter. This could lead to unauthorized configuration changes, denial of service, or other malicious actions.

Mitigation

Siemens advisory SSA-545643 acknowledges this vulnerability but states that currently no fix is planned for many of the affected product lines [1]. The vendor recommends applying countermeasures such as network segmentation and limiting access to the devices as workarounds, since fixed versions are not yet available for all products [1].

References
  1. SSA-545643

AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 1
Patches: 0 (no patches discovered yet)


References: 1
News mentions: 1