CVE-2026-41125
Summary
| CVE | CVE-2026-41125 |
|---|---|
| State | PUBLISHED |
| Assigner | siemens |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-05-12 10:16:46 UTC |
| Updated | 2026-05-12 14:19:41 UTC |
| Description | A vulnerability has been identified in blueplanet 100 NX3 M8 (All versions), blueplanet 100 TL3 GEN2 (All versions), blueplanet 105 TL3 (All versions), blueplanet 105 TL3 GEN2 (All versions), blueplanet 110 TL3 (All versions), blueplanet 125 NX3 M11 (All versions), blueplanet 125 TL3 (All versions), blueplanet 125 TL3 GEN2 (All versions), blueplanet 137 TL3 (All versions), blueplanet 150 TL3 (All versions), blueplanet 150 TL3 GEN2 (All versions), blueplanet 155 TL3 (All versions), blueplanet 155 TL3 GEN2 (All versions), blueplanet 165 TL3 (All versions), blueplanet 165 TL3 GEN2 (All versions), blueplanet 25.0 NX3-33.0 NX3 (All versions), blueplanet 3.0 NX3-20.0 NX3 (All versions), blueplanet 3.0-5.0 NX1 (All versions), blueplanet 360 NX3 M6 (All versions), blueplanet 50.0 NX3-60.0 NX3 (All versions), blueplanet 87.0 TL3 (All versions), blueplanet 87.0 TL3 GEN2 (All versions), blueplanet 92.0 TL3 (All versions), blueplanet 92.0 TL3 GEN2 (All versions), blueplanet gridsafe 110 TL3-S (All versions), blueplanet gridsafe 137 TL3-S (All versions), blueplanet gridsafe 92.0 TL3-S (All versions), blueplanet hybrid 10.0 TL3 (All versions), blueplanet hybrid 6.0 NH3-12.0 NH3 (All versions). Improper neutralization of special elements used in an SQL command ('SQL injection') in KACO Meteor server allows an authorized attacker to elevate privileges over a local network. |
Risk And Classification
Primary CVSS: v4.0 5.9 MEDIUM from [email protected]
CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS: 0.000160000 probability, percentile 0.035380000 (date 2026-05-12)
Problem Types: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 4.0 | [email protected] | Secondary | 5.9 | MEDIUM | CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/C... |
| 4.0 | CNA | DECLARED | 5.9 | MEDIUM | CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N |
| 3.1 | [email protected] | Primary | 6 | MEDIUM | CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H |
| 3.1 | CNA | DECLARED | 6 | MEDIUM | CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H |
CVSS v4.0 Breakdown
| Metric | Value |
|---|---|
| Attack Vector | Adjacent |
| Attack Complexity | High |
| Attack Requirements | None |
| Privileges Required | High |
| User Interaction | None |
| Confidentiality | Low |
| Integrity | High |
| Availability | High |
| Sub Conf. | None |
| Sub Integrity | None |
| Sub Availability | None |

CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CVSS v3.1 Breakdown
| Metric | Value |
|---|---|
| Attack Vector | Adjacent |
| Attack Complexity | High |
| Privileges Required | High |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | Low |
| Integrity | High |
| Availability | High |

CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Siemens | Blueplanet 100 NX3 M8 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet 100 TL3 GEN2 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet 105 TL3 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet 105 TL3 GEN2 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet 110 TL3 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet 125 NX3 M11 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet 125 TL3 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet 125 TL3 GEN2 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet 137 TL3 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet 150 TL3 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet 150 TL3 GEN2 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet 155 TL3 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet 155 TL3 GEN2 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet 165 TL3 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet 165 TL3 GEN2 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet 25.0 NX3-33.0 NX3 | unaffected * custom | Not specified |
| CNA | Siemens | Blueplanet 3.0 NX3-20.0 NX3 | unaffected * custom | Not specified |
| CNA | Siemens | Blueplanet 3.0-5.0 NX1 | unaffected * custom | Not specified |
| CNA | Siemens | Blueplanet 360 NX3 M6 | unaffected * custom | Not specified |
| CNA | Siemens | Blueplanet 50.0 NX3-60.0 NX3 | unaffected * custom | Not specified |
| CNA | Siemens | Blueplanet 87.0 TL3 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet 87.0 TL3 GEN2 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet 92.0 TL3 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet 92.0 TL3 GEN2 | affected * custom | Not specified |
| CNA | Siemens | Blueplanet Gridsafe 110 TL3-S | affected * custom | Not specified |
| CNA | Siemens | Blueplanet Gridsafe 137 TL3-S | affected * custom | Not specified |
| CNA | Siemens | Blueplanet Gridsafe 92.0 TL3-S | affected * custom | Not specified |
| CNA | Siemens | Blueplanet Hybrid 10.0 TL3 | unaffected * custom | Not specified |
| CNA | Siemens | Blueplanet Hybrid 6.0 NH3-12.0 NH3 | unaffected * custom | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| cert-portal.siemens.com/productcert/html/ssa-545643.html | [email protected] | cert-portal.siemens.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.