CVE-2026-54429: SIMATIC S7-PLCSIM Advanced Memory Exhaustion via High-Volume Multicast Traffic
A NVD · · CVE-2026-54429
Admiralty grading (A–F · 1–6)
Source reliability
- A Completely reliable
- B Usually reliable
- C Fairly reliable
- D Not usually reliable
- E Unreliable
- F Cannot be judged
Information credibility
- 1 Confirmed
- 2 Probably true
- 3 Possibly true
- 4 Doubtful
- 5 Improbable
- 6 Cannot be judged
NATO Admiralty (AJP-2.1) grades confidence, independent of the risk score. Cross-source corroboration isn't tracked for non-CVE news, so single-source items are capped at a lower credibility number; a low number does not imply low quality.
Key metrics
- CVSS
- 7.4
- EPSS
- 0%
Key insight
The vulnerability affects a simulation environment, not production systems directly; however, it poses a risk to engineering workstations and development workflows in manufacturing operations.
Description
CVE-2026-54429 affects SIMATIC S7-PLCSIM Advanced in all versions. The affected software does not properly handle high-volume multicast network traffic, potentially exhausting memory resources and causing denial-of-service conditions. The vulnerability can be exploited by network-based attackers without authentication if the affected device is reachable on a network carrying multicast traffic. S7-PLCSIM Advanced is used for development, programming, and validation of PLC logic; successful exploitation could disrupt development and testing workflows.
Risk score
- cvss base
- 74.00
- kev bonus
- 0.00
- epss bonus
- 0.00
- poc bonus
- 0.00
- raw before weight
- 74.00
- industry weight
- 1.21
- freshness factor
- 1.00
- exploitability factor
- 1.00
- days old
- 0.00
- vendor mismatch penalty
- 0.00
Path: operational
MITRE ATT&CK mapping
2 TTPsProcedure details
| Technique | Tactic | Procedure | Conf. | Source |
|---|---|---|---|---|
| T1499.001 OS Exhaustion Flood | Impact | An unauthenticated attacker on the local network segment sends high-volume multicast network traffic to exhaust available memory resources in SIMATIC S7-PLCSIM Advanced, causing a denial-of-service condition that renders the application inaccessible and requires manual restart. | high | llm |
| T1498.002 Reflection Amplification | Impact | The attacker leverages multicast network traffic flooding techniques targeting SIMATIC S7-PLCSIM Advanced to overwhelm the application's memory resources on the local network segment. | medium | llm |