PatchSiren cyber security CVE debrief
CVE-2025-64718 Siemens CVE debrief
CVE-2025-64718 is a prototype-pollution issue in js-yaml that Siemens/CISA mapped to SIDIS Prime versions earlier than 4.0.800. In the supplied advisory corpus, the concern is that parsing untrusted YAML can let an attacker alter the prototype of parsed objects via __proto__. Siemens’ remediation is to update SIDIS Prime to 4.0.800 or later. The advisory was published on 2026-03-10 and republished on 2026-03-12 in the supplied timeline.
- Vendor: Siemens
- Product: SIDIS Prime
- CVSS: MEDIUM 5.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-03-10
- Original CVE updated: 2026-03-12
- Advisory published: 2026-03-10
- Advisory updated: 2026-03-12
Who should care
Administrators and security teams responsible for Siemens SIDIS Prime deployments, especially any instance that parses external or otherwise untrusted YAML content. OT/ICS environments that mirror or integrate application data from third parties should pay attention to the version boundary and remediation guidance.
Technical summary
The source corpus describes a js-yaml prototype pollution flaw affecting js-yaml versions before 4.1.1 and before 3.14.2. In the Siemens advisory mapping, the impacted product line is Siemens SIDIS Prime with the product tree entry vers:intdot/<4.0.800, and the recommended fix is V4.0.800 or later. The reported impact is integrity-related: an attacker-controlled YAML document can modify the prototype of the parsed objects. The supplied CVSS vector is AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N (5.3, Medium).
Defensive priority
Medium; prioritize if SIDIS Prime processes untrusted YAML or is exposed through network-reachable workflows.
Recommended defensive actions
- Update Siemens SIDIS Prime to version 4.0.800 or later per the advisory remediation guidance.
- Inventory where SIDIS Prime or its YAML parsing paths accept external or user-controlled input.
- Treat untrusted YAML as unsafe input and restrict or validate any ingestion paths that cannot be removed.
- Monitor for unexpected object property changes or application behavior consistent with prototype pollution.
- Track Siemens/CISA advisory updates and confirm whether any dependent components also need patching.
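The two defensive items above about treating untrusted YAML as unsafe input and monitoring for prototype pollution can be made concrete in the application that consumes the parsed document. The following is an added example written for this debrief; it is not code from Siemens, SIDIS Prime, CISA or the js-yaml project. It assumes the parsed tree arrives as a plain JavaScript object from a loader; a constructed JSON string is used as the stand-in input because JSON.parse, like a YAML loader, yields an own property literally named "__proto__" rather than touching the prototype chain. The function names (findPollutingKeys, safeMerge, prototypeCanary, loadUntrustedConfig) and the sample documents are assumptions of this example.

```javascript
// Added example (not from the advisory, Siemens or js-yaml): validate a parsed
// document before merging it into application state, merge it without ever
// writing through the prototype chain, and keep a canary that detects pollution.

const DANGEROUS_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

// Walk a parsed tree and return the dotted path of every key that a naive deep
// merge could use to reach Object.prototype. Arrays are walked by index.
function findPollutingKeys(node, path = '', found = []) {
  if (node === null || typeof node !== 'object') return found;
  for (const [key, value] of Object.entries(node)) {
    const here = path ? `${path}.${key}` : key;
    if (DANGEROUS_KEYS.has(key)) found.push(here);
    findPollutingKeys(value, here, found);
  }
  return found;
}

// Hardened deep merge: dangerous keys are dropped and nested targets are only
// reused when they are own, plain-object properties, so a document that slipped
// past validation still cannot modify Object.prototype.
function safeMerge(target, source) {
  for (const [key, value] of Object.entries(source)) {
    if (DANGEROUS_KEYS.has(key)) continue;
    const isPlain = value !== null && typeof value === 'object' && !Array.isArray(value);
    if (isPlain) {
      const existing = Object.prototype.hasOwnProperty.call(target, key) ? target[key] : undefined;
      const reusable = existing !== null && typeof existing === 'object' && !Array.isArray(existing);
      const dest = reusable ? existing : (target[key] = {});
      safeMerge(dest, value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Monitoring canary: the built-in members of Object.prototype are non-enumerable,
// so any enumerable key visible on a fresh empty object means something polluted
// the prototype. Returns the leaked keys (empty array on a clean runtime).
function prototypeCanary() {
  const leaked = [];
  for (const key in {}) leaked.push(key);
  return leaked;
}

// Gate untrusted text: parse, reject on polluting keys, otherwise merge safely
// into a copy of the defaults. JSON.parse stands in for a YAML loader (assumption).
function loadUntrustedConfig(text, defaults) {
  const doc = JSON.parse(text);
  const offendingPaths = findPollutingKeys(doc);
  const base = JSON.parse(JSON.stringify(defaults));
  if (offendingPaths.length > 0) {
    return { accepted: false, offendingPaths, config: base };
  }
  return { accepted: true, offendingPaths, config: safeMerge(base, doc) };
}

// Constructed sample documents (not taken from the advisory).
const BENIGN_DOC = '{"settings": {"timeoutSeconds": 30}, "name": "plant-a"}';
const POLLUTING_DOC = '{"settings": {"__proto__": {"isAdmin": true}}}';
const DEFAULTS = { settings: { timeoutSeconds: 10, retries: 3 }, name: 'default' };

// Runs the benign and hostile documents through the gate and, separately, feeds
// the hostile tree straight into safeMerge to show the merge alone is enough to
// keep Object.prototype clean.
function demo() {
  const benign = loadUntrustedConfig(BENIGN_DOC, DEFAULTS);
  const hostile = loadUntrustedConfig(POLLUTING_DOC, DEFAULTS);
  safeMerge({}, JSON.parse(POLLUTING_DOC));
  return { benign, hostile, canary: prototypeCanary(), isAdminLeaked: ({}).isAdmin !== undefined };
}

console.log(JSON.stringify(demo(), null, 2));
```

Rejecting documents that contain a `constructor` or `prototype` key is deliberately strict; a schema that legitimately uses such names would need an allow-list at the specific paths rather than a blanket skip. The canary is cheap enough to run on a timer or at request boundaries, and a non-empty result is the kind of unexpected property change the monitoring item above refers to.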
Evidence notes
The supplied CISA CSAF item (ICSA-26-071-03) and its Siemens references describe the issue as a js-yaml prototype pollution vulnerability. The product metadata maps the advisory to Siemens SIDIS Prime with an affected version constraint of vers:intdot/<4.0.800 and remediation to V4.0.800 or later. The source corpus also provides the public CVE record reference and notes publication on 2026-03-10 with a CISA republication on 2026-03-12. No KEV entry or ransomware linkage is indicated in the supplied data.
Official resources
- CVE-2025-64718 CVE record (CVE.org)
- CVE-2025-64718 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source references (seven entries labelled "Reference"; links not reproduced in this extract)
Publicly disclosed in the supplied advisory corpus on 2026-03-10 and republished on 2026-03-12. The supplied enrichment data does not mark this CVE as KEV-listed.