CVE-2026-27662

Published: Mag 12, 2026 Last Modified: Mag 12, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,0

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

HIGH 7,7

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: none

Integrity: high

Availability: high

Description

AI Translation Available

Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place.
This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performing unauthorized actions, or exploiting misconfigurations that may lead to further system compromise.

1188

Initialization of a Resource with an Insecure Default

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Other

Potential Impacts:

Varies By Context

Applicable Platforms

All platforms may be affected

View CWE Details

https://cert-portal.siemens.com/productcert/html/ssa-387223…

https://cert-portal.siemens.com/productcert/html/ssa-387223.html

CVE-2026-27662

Description

Initialization of a Resource with an Insecure Default

Common Consequences

Applicable Platforms

Iscriviti alla newsletter