{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27662", "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "state": "PUBLISHED", "assignerShortName": "siemens", "dateReserved": "2026-02-23T10:07:00.530Z", "datePublished": "2026-05-12T08:21:13.221Z", "dateUpdated": "2026-05-12T08:21:13.221Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens", "dateUpdated": "2026-05-12T08:21:13.221Z"}, "descriptions": [{"lang": "en", "value": "Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place.\r\nThis could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performing unauthorized actions, or exploiting misconfigurations that may lead to further system compromise."}], "affected": [{"vendor": "Siemens", "product": "SIMATIC HMI MTP1000 Unified Comfort Panel", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1000 Unified Comfort Panel hygienic", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1000 Unified Comfort Panel hygienic neutral design", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1000, Unified Comfort Panel neutral", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1200 Comfort Pro for stand (expandable, flange at the bottom)", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1200 Comfort Pro for support arm (expandable, round tube) and extension unit", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1200 Comfort Pro for support arm (not extendable, flange on top)", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1200 Comfort Pro neutral design for stand (expandable, flange at the bottom)", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1200 Comfort Pro neutral design for support arm (expandable, round tube) and extensio", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1200 Comfort Pro neutral design for support arm (not extendable, flange on top)", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1200 Unified Comfort Panel", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1200 Unified Comfort Panel hygienic", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1200 Unified Comfort Panel hygienic neutral design", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1200 Unified Comfort Panel neutral design", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1500 Comfort Pro for stand (expandable, flange at the bottom)", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1500 Comfort Pro for support arm (expandable, round tube) and extension unit", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1500 Comfort Pro for support arm (not extendable, flange on top)", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1500 Comfort Pro neutral design for stand (expandable, flange at the bottom)", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1500 Comfort Pro neutral design for support arm (expandable, round tube) and extensio", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1500 Comfort Pro neutral design for support arm (not extendable, flange on top)", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1500 Unified Comfort Panel", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1500 Unified Comfort Panel hygienic", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1500 Unified Comfort Panel hygienic neutral design", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1500 Unified Comfort Panel neutral design", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1900 Comfort Pro for stand (expandable, flange at the bottom)", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1900 Comfort Pro for support arm (expandable, round tube) and extension unit", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1900 Comfort Pro for support arm (not extendable, flange on top)", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1900 Comfort Pro neutral design for stand (expandable, flange at the bottom)", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1900 Comfort Pro neutral design for support arm (expandable, round tube) and extensio", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1900 Comfort Pro neutral design for support arm (not extendable, flange on top)", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1900 Unified Comfort Panel", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1900 Unified Comfort Panel hygienic", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1900 Unified Comfort Panel hygienic neutral design", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP1900 Unified Comfort Panel neutral design", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP2200 Comfort Pro for stand (expandable, flange at the bottom)", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP2200 Comfort Pro for support arm (expandable, round tube) and extension unit", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP2200 Comfort Pro for support arm (not extendable, flange on top)", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP2200 Comfort Pro neutral design for stand (expandable, flange at the bottom)", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP2200 Comfort Pro neutral design for support arm (expandable, round tube) and extensio", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP2200 Comfort Pro neutral design for support arm (not extendable, flange on top)", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP2200 Unified Comfort Hygienic", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP2200 Unified Comfort Hygienic neutral design", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP2200 Unified Comfort Panel", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP2200 Unified Comfort Panel neutral design", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP700\u00a0Unified Comfort Panel", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP700 Unified Comfort Panel hygienic neutral design", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP700 Unified Comfort Panel hygienic neutral design", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC HMI MTP700, Unified Comfort Panel neutral design", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIPLUS HMI MTP1000 Unified Comfort", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIPLUS HMI MTP1200 Unified Comfort", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIPLUS HMI MTP700 Unified Comfort", "versions": [{"status": "affected", "version": "0", "lessThan": "V21", "versionType": "custom"}], "defaultStatus": "unknown"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "baseScore": 7.7, "baseSeverity": "HIGH"}}, {"cvssV4_0": {"version": "4.0", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N", "baseScore": 7, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-1188", "description": "CWE-1188: Initialization of a Resource with an Insecure Default", "type": "CWE"}]}], "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-387223.html"}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place.\r\nThis could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performing unauthorized actions, or exploiting misconfigurations that may lead to further system compromise."}], "id": "CVE-2026-27662", "lastModified": "2026-05-12T14:19:41.400", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.2, "source": "productcert@siemens.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "productcert@siemens.com", "type": "Secondary"}]}, "published": "2026-05-12T10:16:45.540", "references": [{"source": "productcert@siemens.com", "url": "https://cert-portal.siemens.com/productcert/html/ssa-387223.html"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1188"}], "source": "productcert@siemens.com", "type": "Primary"}]}

{}

{"created": "2026-05-12T11:00:07.240667+00:00", "title": "Unauthorized Web Browser Access via Control Panel without Authentication", "updated": "2026-05-12T11:00:07.240678+00:00", "vendors": []}