PatchSiren cyber security CVE debrief
CVE-2025-11839 Siemens CVE debrief
CVE-2025-11839 is mapped in the supplied CISA/Siemens advisory to the Siemens SIMATIC S7-1500 CPU family. The advisory text says the issue is a local flaw and the CVE description reports an unchecked return value in tg_tag_type within prdbg.c, with a public exploit reportedly released. Siemens/CISA state that no fix is currently available and advise compensating access controls.
- Vendor: Siemens
- Product: SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
- CVSS: LOW 3.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-06-10
- Original CVE updated: 2026-05-14
- Advisory published: 2025-06-10
- Advisory updated: 2026-05-14
Who should care
OT and plant security teams, Siemens SIMATIC S7-1500 operators, system integrators, and administrators who allow local or interactive access to the affected devices or their GNU/Linux subsystem.
Technical summary
The supplied record assigns CVE-2025-11839 to five Siemens SIMATIC S7-1500 CPU family product variants. The CVE description characterizes the flaw as a local manipulation issue in GNU Binutils 2.45 affecting tg_tag_type in prdbg.c, leading to an unchecked return value; the published CVSS vector is AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L (3.3). In the advisory corpus, the practical impact is limited to availability, with no confidentiality or integrity impact stated, and Siemens lists no available fix at the time of publication.
Defensive priority
Medium. The issue requires local access and is scored low, but it affects OT hardware, the source notes a public exploit, and the advisory says no fix is available.
Recommended defensive actions
- Restrict interactive shell access on affected devices to trusted personnel only.
- Only build and run applications from trusted sources on affected systems.
- Inventory the affected Siemens SIMATIC S7-1500 CPU model variants and confirm where they are deployed.
- Apply least-privilege access and segmentation around the affected OT assets to reduce local exposure.
- Track Siemens ProductCERT and CISA advisory updates for any future remediation guidance.
- Review local user accounts and operational workflows that could provide untrusted access to the device or its GNU/Linux subsystem.
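One way to carry out the account review above, as an added example that is not part of the advisory or of any Siemens tooling. It assumes the GNU/Linux subsystem keeps its accounts in the standard passwd(5) format and that the file has been exported for offline review; the account names in the sample are constructed.

```shell
#!/bin/sh
# Added example: audit a passwd-format account list for local entry points.
# Assumption: the device's GNU/Linux subsystem uses the standard
# seven-field passwd(5) layout; export the file and run this offline.

# interactive_accounts [FILE] -> "name uid shell" for each account that can
# open a shell session (reads stdin when no file is given).
interactive_accounts() {
    awk -F: '
        /^[ \t]*(#|$)/ { next }            # skip comments and blank lines
        NF < 7         { next }            # skip malformed entries
        {
            shell = $7
            if (shell ~ /(nologin|false)$/) next   # login is refused
            if (shell == "") shell = "/bin/sh"     # passwd(5) default
            print $1, $3, shell
        }' "$@"
}

# extra_root_accounts [FILE] -> names other than root that hold UID 0.
extra_root_accounts() {
    awk -F: 'NF >= 7 && $3 == 0 && $1 != "root" { print $1 }' "$@"
}

# Constructed sample data, not taken from a real device.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/sh
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
operator1:x:1000:1000:Line operator:/home/operator1:/bin/bash
svc_build:x:1001:1001:Build service:/home/svc_build:/bin/false
maint:x:0:0:Integrator account:/home/maint:/bin/bash
legacy:x:1002:1002::/home/legacy:
EOF
}

# Audit the file named in $1, or the constructed sample when none is given.
main() {
    if [ "$#" -gt 0 ]; then input=$(cat "$1"); else input=$(sample_passwd); fi
    echo "Accounts with an interactive shell:"
    printf '%s\n' "$input" | interactive_accounts
    echo "UID 0 accounts other than root:"
    printf '%s\n' "$input" | extra_root_accounts
}
main "$@"
```

Each account it reports satisfies the local, low-privilege precondition in the published CVSS vector (AV:L/PR:L), so the output is the list to reconcile against trusted personnel.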
Evidence notes
Primary evidence comes from the supplied CISA CSAF advisory ICSA-25-162-05 and its Siemens ProductCERT references. That corpus ties CVE-2025-11839 to the Siemens SIMATIC S7-1500 CPU family, lists five affected product identifiers, and states that no fix is available. The CVE description text also mentions GNU Binutils 2.45, prdbg.c, tg_tag_type, a local attack path, and a publicly released exploit. The advisory corpus does not further explain the component mapping between the GNU Binutils description and the Siemens product scope, so that linkage should be treated cautiously.
Official resources
- CVE-2025-11839 CVE record (CVE.org)
- CVE-2025-11839 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
CVE published on 2025-06-10. The supplied source advisory was published the same day and later republished by CISA, with the latest supplied modification dated 2026-05-14. The source states that no fix is currently available.