PatchSiren cyber security CVE debrief
CVE-2026-22610 Siemens CVE debrief
CVE-2026-22610 is a high-severity cross-site scripting issue documented in the CISA-republished Siemens SIDIS Prime advisory corpus. The advisory ties the issue to an Angular Template Compiler sanitization weakness and states that Siemens SIDIS Prime versions prior to 4.0.800 are affected. Siemens indicates the issue is fixed in version 4.0.800 and later. From a defensive standpoint, this is primarily a web-content handling and UI trust issue: the CVSS 3.1 vector shows network reachability, low attack complexity, low privileges, and required user interaction, with potential high impact to confidentiality, integrity, and availability. Organizations running SIDIS Prime should prioritize upgrade planning and verify whether any exposed web components or embedded browser workflows rely on the affected Angular behavior.
- Vendor: Siemens
- Product: SIDIS Prime
- CVSS: HIGH 8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-03-10
- Original CVE updated: 2026-03-12
- Advisory published: 2026-03-10
- Advisory updated: 2026-03-12
Who should care
Operators and administrators of Siemens SIDIS Prime, OT/ICS security teams, and application owners responsible for patching or validating the web front end and embedded application dependencies.
Technical summary
The supplied advisory text describes CVE-2026-22610 as an XSS flaw in Angular’s Template Compiler, where the internal sanitization schema fails to treat the href and xlink:href attributes of SVG <script> elements as a Resource URL context. In the Siemens advisory context, the affected product is SIDIS Prime versions prior to 4.0.800. The reported CVSS vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H, which indicates a network-accessible issue that requires some privileges and user interaction but may have broad impact if triggered.
Defensive priority
High. The advisory assigns CVSS 8.0 and the source corpus recommends upgrading to version 4.0.800 or later. Treat this as a patch-priority issue for any deployment of Siemens SIDIS Prime.
Recommended defensive actions
- Inventory all Siemens SIDIS Prime installations and confirm the installed version.
- Upgrade SIDIS Prime to version 4.0.800 or later as recommended by the advisory.
- Review any exposed web interfaces or workflows that render SVG content or rely on Angular-based UI components.
- Validate that patching does not disrupt operational workflows, then verify the fixed version is deployed everywhere.
- Follow CISA and Siemens recommended ICS defensive practices for segmentation, access control, and defense in depth.
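As an added illustration for the SVG review step above (not code from Siemens, CISA or the Angular project), this Node.js helper flags `<script>` elements that carry `href` or `xlink:href` in SVG files or Angular templates so they can be reviewed or removed. The sample markup and the names `widgetUrl` and `reportUrl` are constructed for this example.

```javascript
// Added example: audit markup for <script> elements that use href / xlink:href.
// HTML scripts load via src; href and xlink:href on <script> only matter in SVG.
const RISKY_ATTRS = new Set(["href", "xlink:href"]);

// Opening <script> tag, optionally namespace-prefixed (<svg:script>).
// Quoted attribute values may contain ">" without ending the tag.
const SCRIPT_TAG = /<\s*(?:[a-z][\w-]*:)?script(?=[\s\/>])((?:"[^"]*"|'[^']*'|[^>"'])*)>/gi;
// One attribute: name, then optional ="value", ='value' or bare value.
const ATTR = /([^\s"'=<>\/]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;

// Reduce Angular binding spellings ([attr.href], bind-attr.href, attr.href)
// to the plain attribute name and report whether the name itself is a binding.
function normalizeAttr(rawName) {
  const bound = /^\[.*\]$/.test(rawName) || /^bind-/i.test(rawName);
  const name = rawName
    .replace(/^\[|\]$/g, "")
    .replace(/^bind-/i, "")
    .replace(/^attr\./i, "")
    .toLowerCase();
  return { name, bound };
}

// Return one finding per risky attribute, with a 1-based line number.
// "dynamic" means the value is computed at runtime (binding or {{ }} interpolation).
function auditScriptHrefs(source) {
  const findings = [];
  for (const tag of source.matchAll(SCRIPT_TAG)) {
    const line = source.slice(0, tag.index).split("\n").length;
    for (const m of tag[1].matchAll(ATTR)) {
      const { name, bound } = normalizeAttr(m[1]);
      if (!RISKY_ATTRS.has(name)) continue;
      const value = m[2] ?? m[3] ?? m[4] ?? "";
      findings.push({ line, attribute: m[1], value, dynamic: bound || value.includes("{{") });
    }
  }
  return findings;
}

// Constructed sample template (hypothetical names, not taken from SIDIS Prime).
const SAMPLE = `<svg xmlns="http://www.w3.org/2000/svg">
  <script [attr.href]="widgetUrl"></script>
  <script xlink:href="/assets/chart.js"></script>
  <script attr.xlink:href="{{ reportUrl }}"></script>
  <script type="text/ecmascript">/* inline */</script>
  <a href="/home">home</a>
</svg>`;

console.log(auditScriptHrefs(SAMPLE));
```

Findings marked `dynamic` are the ones to review first, since their value is supplied at runtime; upgrading to 4.0.800 or later remains the fix the advisory gives.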
Evidence notes
This debrief is based only on the supplied CISA CSAF source item and its listed official references. The source item was published on 2026-03-10 and republished on 2026-03-12. The advisory text associates CVE-2026-22610 with Siemens SIDIS Prime versions prior to 4.0.800 and describes the vulnerability as an Angular Template Compiler XSS issue involving SVG <script> href and xlink:href sanitization. No exploit code or unsupported impact claims are included.
Official resources
- CVE-2026-22610 CVE record (CVE.org)
- CVE-2026-22610 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
Published by CISA on 2026-03-10 and republished on 2026-03-12 using Siemens advisory material.