PatchSiren cyber security CVE debrief
CVE-2025-26491 Siemens CVE debrief
CVE-2025-26491 is a HIGH-severity server-side request forgery (SSRF) issue published by CISA on 2025-02-11 and revised on 2025-05-06 for typo fixes. The source corpus identifies Siemens Opcenter Intelligence as the affected product, but the vulnerability description and remediation text refer to Tableau Server, so applicability should be verified against the linked Siemens advisory before acting. No KEV listing is associated with this CVE in the supplied data.
- Vendor: Siemens
- Product: Opcenter Intelligence
- CVSS: HIGH 7.7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-02-11
- Original CVE updated: 2025-05-06
- Advisory published: 2025-02-11
- Advisory updated: 2025-05-06
Who should care
Security and operations teams responsible for Siemens Opcenter Intelligence deployments, especially administrators who manage internet-reachable services or systems that can make outbound requests. Because the source text also references Tableau Server, teams should confirm the exact affected product and version against the vendor advisory before applying remediation.
Technical summary
The advisory describes an SSRF vulnerability with CVSS 3.1 vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N, indicating a network attack vector, low attack complexity, low privileges required, no user interaction, a scope change, and high confidentiality impact with no integrity or availability impact. The source metadata associates the issue with Siemens Opcenter Intelligence and recommends updating to V2501 or later, while the narrative description says Tableau Server; this product-name mismatch is part of the source corpus and should be treated as an applicability check item, not resolved as fact here.
Defensive priority
High. This is remotely reachable and confidentiality-impacting, so it deserves prompt triage and version verification even though it is not marked as KEV.
Recommended defensive actions
- Verify whether your deployment matches Siemens Opcenter Intelligence versions covered by the Siemens advisory and the linked knowledge base entry before making changes.
- If affected, update to V2501 or later and install the latest available version of Tableau Server as described in the Siemens remediation guidance.
- Restrict and monitor outbound network access from the affected service to reduce SSRF abuse potential.
- Review logs for unusual internal or external request patterns originating from the application.
- Apply general CISA ICS defensive practices and hardening guidance from the linked resources.
- Track the advisory revision history; the latest supplied revision is a typo-fix update on 2025-05-06, not a new issue date.
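The log-review and outbound-monitoring actions above can be expressed as a concrete check over egress proxy logs. The following Python is an added example, not code from the advisory or the vendor; the log line format, the host names and the allow-list are constructed assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: hosts the application is expected to contact (placeholder names).
ALLOWED_HOSTS = {"updates.example.com", "licensing.example.com"}

# Constructed sample egress-proxy lines: "<timestamp> <source> <method> <url> <status>"
SAMPLE_LOG = """\
2025-05-06T10:00:01Z app01 GET https://updates.example.com/manifest.json 200
2025-05-06T10:00:07Z app01 GET http://169.254.169.254/ 200
2025-05-06T10:00:09Z app01 GET http://127.0.0.1:8080/admin 403
2025-05-06T10:00:12Z app01 GET http://10.20.30.40/internal/status 200
2025-05-06T10:00:15Z app01 GET http://files.example.net/a.txt 200
2025-05-06T10:00:18Z app01 GET http://[::1]:9000/ 502
malformed line
"""

def classify_destination(url):
    """Return a reason string if the destination looks unusual, else None."""
    host = urlsplit(url).hostname
    if not host:
        return "unparseable-url"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # Hostname, not an IP literal: compare with the allow-list.
        return None if host.lower() in ALLOWED_HOSTS else "unexpected-host"
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local"
    if ip.is_private:
        return "private-range"
    return "ip-literal"  # public address requested by IP instead of by name

def review(log_text):
    """Return (timestamp, source, url, reason) for every flagged request."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip lines that do not match the assumed format
        ts, src, _method, url, _status = fields
        reason = classify_destination(url)
        if reason:
            findings.append((ts, src, url, reason))
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE_LOG):
        print(*finding)
```

This check only sees the host written in the URL; where the proxy or firewall also records the resolved destination address, classify that address as well, since an allowed-looking name can resolve to an internal range.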
Evidence notes
The supplied CSAF metadata lists Siemens as vendor and Opcenter Intelligence as the affected product, with remediation to update to V2501 or later. However, the advisory description says: 'Server-side request forgery (SSRF) vulnerability in Tableau Server.' This mismatch is present in the corpus and should be handled as a source-consistency warning. The CVE was published on 2025-02-11 and revised on 2025-05-06. No KEV data is provided.
Official resources
- CVE-2025-26491 CVE record (CVE.org)
- CVE-2025-26491 NVD detail (NVD)
- Source item URL (cisa_csaf)
Published by CISA on 2025-02-11 and revised on 2025-05-06 for typo corrections. No KEV listing is present in the supplied data.