You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
sivaas
About this tag
The tag sivaas refers to Siemens SIMATIC Virtualization as a Service (SIVaaS), a cloud-hosted virtualization platform for industrial environments. Recent discussions focus on CVE-2025-40804, a critical unauthenticated share flaw in SIVaaS that allows remote attackers to read or modify sensitive data. Siemens assigned a CVSS score of 9.1 (v3.1) and 9.3 (v4), and published advisory SSA-534283. CISA also republished the advisory with standard ICS hardening guidance. The tag covers security vulnerabilities, remediation steps, and the impact on industrial control systems relying on SIVaaS.
Siemens’ cloud-hosted SIMATIC Virtualization as a Service (SIVaaS) has been found to expose a network share without authentication — a configuration defect that Siemens has cataloged as CVE-2025-40804 and scored as critical (CVSS v3.1 = 9.1; CVSS v4 = 9.3). This flaw allows unauthenticated...