PatchSiren

PatchSiren cyber security CVE debrief

CVE-2020-26139 Siemens CVE debrief

CVE-2020-26139 describes an access-control flaw affecting Siemens SCALANCE wireless devices: an access point can forward EAPOL frames to other clients before the sender has successfully authenticated. In the advisory corpus, this is framed as a nearby-Wi-Fi issue that can be used for denial-of-service against connected clients and may also make other client vulnerabilities easier to exploit. The supplied CVSS score is 5.3 (AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H), which fits a medium-priority availability issue with wireless-range exposure.

Vendor: Siemens
Product: SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
CVSS: MEDIUM 5.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-04-14
Original CVE updated: 2026-04-21
Advisory published: 2026-04-14
Advisory updated: 2026-04-21

Who should care

Industrial network and OT teams running affected Siemens SCALANCE wireless access points, especially in environments where the radio footprint reaches beyond tightly controlled areas. Also relevant to defenders responsible for the clients attached to those wireless segments, since the impact falls on connected devices.

Technical summary

The advisory states that an AP forwards EAPOL frames to other clients even though the sender has not yet authenticated to the AP. That behavior can enable denial-of-service conditions for nearby wireless clients and can lower the barrier to exploiting other client-side weaknesses. The source corpus ties remediation to Siemens SCALANCE firmware versions before V6.6.0: the recommended fix is to update to V6.6.0 or later. When patching is delayed, Siemens also recommends reducing Wi-Fi transmission power or placing the devices in private areas with physical access controls.

Defensive priority

Medium priority. Patch affected Siemens SCALANCE wireless devices as soon as maintenance windows allow, with extra urgency for deployments whose Wi-Fi coverage extends into public or shared areas.

Recommended defensive actions

  • Inventory Siemens SCALANCE wireless models listed in the advisory and verify current firmware versions.
  • Upgrade affected devices to V6.6.0 or later per the vendor fix guidance.
  • If immediate updating is not possible, reduce Wi-Fi transmission power where feasible and place devices in private areas with physical access controls.
  • Watch for unexplained client disconnects or service disruption on affected wireless segments.
  • Use the vendor and CISA advisories to confirm the exact affected product list before scheduling remediation.
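
The inventory and firmware check from the first two actions, as an added example (not code from Siemens, CISA or PatchSiren). It assumes a CSV export with hypothetical columns host, mlfb and firmware and version strings of the form "V6.5.0"; the sample rows are constructed, and only the article number named on this page is treated as listed.

```python
import csv
import io
import re

FIXED = (6, 6, 0)  # page: update to V6.6.0 or later
# Only article number named on this page; extend from SSA-019200 after validation.
LISTED_MLFB = {"6GK5721-1FC00-0AA0"}

# Constructed sample inventory: hosts, versions and the last MLFB are placeholders.
SAMPLE_INVENTORY = """host,mlfb,firmware
ap-dock-01,6GK5721-1FC00-0AA0,V6.5.0
ap-dock-02,6GK5721-1FC00-0AA0,V06.06.00
ap-yard-03,6GK5721-1FC00-0AA0,v6.10
ap-lab-04,6GK5721-1FC00-0AA0,unknown
ap-gate-05,6GK0000-0XX00-0AA0,V6.4.1
"""

def parse_version(text):
    """Return (major, minor, patch) as ints, or None if text is not a version."""
    m = re.fullmatch(r"\s*[Vv]?(\d+)\.(\d+)(?:\.(\d+))?\s*", text or "")
    if not m:
        return None
    return tuple(int(g) if g else 0 for g in m.groups())

def triage(row):
    """Classify one inventory row against the V6.6.0 fix threshold."""
    mlfb = row["mlfb"].strip().upper()
    if mlfb not in LISTED_MLFB:
        return "check-advisory"   # not confirmed here; validate against the advisory
    version = parse_version(row["firmware"])
    if version is None:
        return "verify-firmware"  # unreadable version: confirm on the device
    # Tuple comparison is numeric, so 6.10 sorts after 6.6 (string compare would not).
    return "update" if version < FIXED else "ok"

def triage_inventory(csv_text):
    """Map each host in the CSV text to its triage status."""
    reader = csv.DictReader(io.StringIO(csv_text))
    return {row["host"]: triage(row) for row in reader}

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{host:12} {status}")
```

Rows marked check-advisory or verify-firmware are the ones to resolve by hand before scheduling remediation.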

Evidence notes

The supplied source corpus is a CISA CSAF republishing of Siemens ProductCERT advisory SSA-019200, with publication date 2026-04-14 and republication/modification on 2026-04-21. The corpus explicitly states the EAPOL-forwarding-before-authentication behavior, the nearby-Wi-Fi denial-of-service risk, and the remediation to update to V6.6.0 or later. The source metadata also marks the vendor mapping as low-confidence and needing review, so product inventory should be validated against the Siemens advisory if used operationally.

Official resources

Public advisory date: 2026-04-14. The advisory was modified/republished on 2026-04-21 with Siemens ProductCERT material in the source corpus.