CVE-2026-54429
Severity CVSS v4.0:
MEDIUM
Type:
Unavailable / Other
Publication date:
14/07/2026
Last modified:
14/07/2026
Description
A vulnerability has been identified in SIMATIC S7-PLCSIM Advanced (All versions). Affected devices do not properly handle high-volume multicast network traffic, which can exhaust available memory resources in the affected application. This could allow an unauthenticated attacker on the local network segment to cause a denial-of-service condition of the affected application. The affected application becomes inaccessible and requires a manual restart; no project data is lost. Successful exploitation requires a specific project configuration to be already active on the targeted instance.
Impact
Base Score 4.0
6.00
Severity 4.0
MEDIUM
Base Score 3.x
7.40
Severity 3.x
HIGH



