Siemens SENTRON 7KT PAC1261 Data Manager — CVE-2025-22871
CISA ICS · CISA · CVE-2025-22871
ID
CVE-2025-22871
CVE-2025-22871
Date
Activity
Source
CISA ICS
CISA ICS
Vendor
CISA
CISA
Threat
medium
medium
Summary
View CSAF Summary The web server in SENTRON 7KT PAC1261 Data Manager Before V2.1.0 contains a request smuggling vulnerability in the Go Project's net/http package that could allow an attacker to retrieve authorization tokens that can be used to gain administrative control over the device. Siemens has released a new version for SENTRON 7KT PAC1261 Data Manager and recommends to update to the latest version. The…
Product
ICS Advisory
What to do
General, cautious steps (verify details in the official source):
- Review exposure and plan remediation based on risk and environment.
- Identify affected product versions in your inventory and verify whether you are impacted.
- Apply vendor patches/updates or recommended mitigations as soon as available.
- Read the official advisory for exact affected versions and remediation steps.