What is CVE-2026-41125?

CVE-2026-41125 is a medium-severity vulnerability in Siemens Blueplanet 100 Nx3 M8, classified under SQL Injection. CVSS score: 6.0/10. Published 2026-05-12.

How severe is CVE-2026-41125?

Medium severity. CVSS v3 base score is 6.0 out of 10.

SQL Injection in Siemens Blueplanet 100 Nx3 M8

CVE-2026-41125

A vulnerability has been identified in blueplanet 100 NX3 M8 (All versions), blueplanet 100 TL3 GEN2 (All versions), blueplanet 105 TL3 (All versions), blueplanet 105 TL3 GEN2 (All versions), blueplanet 110 TL3 (All versions), blueplanet 1…

Vulnerability class: SQL Injection

EPSS: 0.000 (7.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.0 (Medium). Vector: CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H.

Affected products

Siemens Blueplanet 100 Nx3 M8 — versions 0
Siemens Blueplanet 100 Tl3 Gen2 — versions 0
Siemens Blueplanet 105 Tl3 — versions 0
Siemens Blueplanet 105 Tl3 Gen2 — versions 0
Siemens Blueplanet 110 Tl3 — versions 0
Siemens Blueplanet 125 Nx3 M10 — versions 0
Siemens Blueplanet 125 Nx3 M11 — versions 0
Siemens Blueplanet 125 Tl3 — versions 0
Siemens Blueplanet 125 Tl3 Gen2 — versions 0
Siemens Blueplanet 137 Tl3 — versions 0

Weakness classification (CWE)

CWE-89 — SQL Injection

References

productcert@siemens.com

Frequently asked questions

What is CVE-2026-41125?: CVE-2026-41125 is a medium-severity vulnerability in Siemens Blueplanet 100 Nx3 M8, classified under SQL Injection. CVSS score: 6.0/10. Published 2026-05-12.
How severe is CVE-2026-41125?: Medium severity. CVSS v3 base score is 6.0 out of 10.