Description
Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place.
This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performing unauthorized actions, or exploiting misconfigurations that may lead to further system compromise.
Published: 2026-05-12
Score: 7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Certain Siemens SIMATIC HMI Unified Comfort Panels do not enforce adequate access restrictions on the web browser invoked through the Control Panel. An attacker who can reach the device without authenticating can therefore retrieve the browser interface, potentially discover hidden backdoors, perform unauthorized operations, or exploit configuration mistakes that could lead to a full system compromise. This weakness is classified as CWE-1188, reflecting inadequate access control for a privileged resource.

Affected Systems

The affected products include a wide range of Siemens SIMATIC HMI models, namely the Unified Comfort Panel series (MTP1000, MTP1200, MTP1500, MTP1900, MTP2200, MTP700) in standard, hygienic and neutral-support variants, as well as the SIPLUS HMI MTP1000, MTP1200 and MTP700 panels. No specific firmware versions are listed, so all revisions of these models are potentially vulnerable.

Risk and Exploitability

The CVSS score is 7, indicating a high severity level. The EPSS score is not provided, so the current exploitation probability cannot be quantified, and the vulnerability is not listed in the CISA KEV catalog. The attack vector is inferred to be remote, achievable by any entity that can reach the control panel over the network or through a physically connected interface, given that no authentication or restriction is enforced. Consequently, the risk to affected installations is significant, especially where the web interface is exposed to untrusted networks.

Generated by OpenCVE AI on May 12, 2026 at 10:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Disable the web browser from the Control Panel or remove the web browser feature if it is not required for operation.
  • Apply any Siemens patch or firmware update that addresses the access control issue once it becomes available from the vendor.
  • Limit network exposure by placing the HMI devices on a trusted subnet and ensuring that only authorized personnel can reach the device’s web interface.

Advisories

No advisories yet.

History

Wed, 13 May 2026 02:15:00 +0000

Type      Values Removed    Values Added
Metrics   -                 ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 12 May 2026 11:15:00 +0000

Type      Values Removed    Values Added
Title     -                 Unauthorized Web Browser Access via Control Panel without Authentication

Tue, 12 May 2026 09:30:00 +0000

Type          Values Removed    Values Added
Description   -                 Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place. This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performing unauthorized actions, or exploiting misconfigurations that may lead to further system compromise.
Weaknesses    -                 CWE-1188
References
Metrics       -                 cvssV3_1: {'score': 7.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H'}
Metrics       -                 cvssV4_0: {'score': 7, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: siemens

Published:

Updated: 2026-05-13T01:48:49.217Z

Reserved: 2026-02-23T10:07:00.530Z

Link: CVE-2026-27662

Vulnrichment

Updated: 2026-05-13T01:46:50.384Z

NVD

Status: Awaiting Analysis

Published: 2026-05-12T10:16:45.540

Modified: 2026-05-12T14:19:41.400

Link: CVE-2026-27662

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-12T11:00:07Z

Weaknesses