PatchSiren cyber security CVE debrief
CVE-2025-26490 Siemens CVE debrief
CVE-2025-26490 is a medium-severity disclosure issue tracked in a CISA ICS advisory for Siemens Opcenter Intelligence. The supplied advisory text contains an internal product-description mismatch, so defenders should rely on the official Siemens/CISA references and verify applicability before acting.
- Vendor: Siemens
- Product: Opcenter Intelligence
- CVSS: MEDIUM 4.9
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-02-11
- Original CVE updated: 2025-05-06
- Advisory published: 2025-02-11
- Advisory updated: 2025-05-06
Who should care
Siemens Opcenter Intelligence administrators, OT/ICS security teams, patch and vulnerability management teams, and any organization that relies on Siemens-managed industrial software deployments.
Technical summary
The supplied CSAF record maps CVE-2025-26490 to Siemens Opcenter Intelligence and assigns CVSS 3.1 vector CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N, indicating a network-reachable confidentiality issue that requires high privileges and does not affect integrity or availability. The advisory description text, however, says "Personal access token disclosure vulnerability in Tableau Server" and points to Salesforce knowledge article 000390611, which does not align with the Siemens product metadata. The only remediation stated in the corpus is to update to V2501 or later and install the latest available version per Siemens knowledge base PL8822108.
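The product-metadata versus description mismatch noted above can be checked mechanically. The following is an added example, not code from the advisory, Siemens or CISA: it walks a CSAF 2.0 document, splits the CVSS vector into metrics, and flags affected products whose vendor or product name never appears in the vulnerability notes. The sample document is constructed from the values quoted in this debrief; the product_id and the function names are assumptions.

```python
import json

# Constructed CSAF 2.0 fragment. Field layout follows the CSAF schema; values come
# from the debrief text, and the product_id is a made-up placeholder.
SAMPLE = json.loads("""
{"product_tree": {"branches": [{"category": "vendor", "name": "Siemens", "branches": [
    {"category": "product_name", "name": "Opcenter Intelligence",
     "product": {"name": "Opcenter Intelligence", "product_id": "CSAFPID-0001"}}]}]},
 "vulnerabilities": [{"cve": "CVE-2025-26490",
   "notes": [{"category": "summary",
              "text": "Personal access token disclosure vulnerability in Tableau Server"}],
   "product_status": {"known_affected": ["CSAFPID-0001"]},
   "scores": [{"products": ["CSAFPID-0001"], "cvss_v3": {
       "baseScore": 4.9,
       "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}}]}]}
""")

def product_paths(branches, trail=()):
    """Map each product_id to the branch names (vendor, product) leading to it."""
    found = {}
    for branch in branches:
        path = trail + (branch["name"],)
        if "product" in branch:
            found[branch["product"]["product_id"]] = path
        found.update(product_paths(branch.get("branches", []), path))
    return found

def parse_vector(vector):
    """Turn 'CVSS:3.1/AV:N/...' into {'AV': 'N', ...}."""
    return dict(part.split(":", 1) for part in vector.split("/")[1:])

def review(csaf):
    """Per CVE: CVSS metrics plus product_ids whose names never appear in the notes."""
    paths = product_paths(csaf["product_tree"]["branches"])
    results = []
    for vuln in csaf["vulnerabilities"]:
        text = " ".join(n["text"] for n in vuln.get("notes", [])
                        if n["category"] in ("summary", "description")).lower()
        affected = vuln.get("product_status", {}).get("known_affected", [])
        # A product_id missing from the tree has an empty path and is flagged too.
        unmatched = [pid for pid in affected
                     if not any(name.lower() in text for name in paths.get(pid, ()))]
        metrics = [parse_vector(s["cvss_v3"]["vectorString"])
                   for s in vuln.get("scores", []) if "cvss_v3" in s]
        results.append({"cve": vuln["cve"], "unmatched": unmatched, "metrics": metrics})
    return results

if __name__ == "__main__":
    for r in review(SAMPLE):
        print(r["cve"], "description does not name:", r["unmatched"], r["metrics"])
```

A non-empty `unmatched` list is a prompt to confirm scope against the vendor advisory before acting, not proof that the record is wrong.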
Defensive priority
Moderate. The CVSS score is below critical, but the issue can expose sensitive information and should be remediated promptly in affected Siemens deployments, especially where privileged access is exposed or shared.
Recommended defensive actions
- Confirm whether your Siemens Opcenter Intelligence deployment matches the advisory scope before changing systems.
- Review Siemens advisory SSA-246355 and CISA advisory ICSA-25-044-14 for the authoritative product and version guidance.
- Upgrade to V2501 or later, and follow the latest Siemens installation guidance referenced in knowledge base PL8822108.
- Use your normal OT/ICS patch validation process before production rollout.
- Prioritize systems that are network-accessible or store sensitive operational data.
- Track the official vendor and CISA references for any clarification because the supplied advisory text is internally inconsistent.
Evidence notes
Source corpus: CISA CSAF advisory ICSA-25-044-14, published 2025-02-11 and revised 2025-05-06 for typos only. The advisory metadata identifies Siemens Opcenter Intelligence as the affected product, while the description text refers to Tableau Server and Salesforce knowledge article 000390611. No KEV entry was supplied. The remediation text specifically says to update to V2501 or later and follow Siemens knowledge base PL8822108. Because the corpus contains conflicting product text, no additional product-scope assumptions are made here.
Official resources
- CVE-2025-26490 CVE record (CVE.org)
- CVE-2025-26490 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
Publicly disclosed in CISA ICS advisory ICSA-25-044-14 on 2025-02-11; the advisory was revised on 2025-05-06 for typo fixes only. No KEV designation was supplied in the corpus.