Siemens Says Desigo CC Files Flagged as Malware by Security Engines
https://www.securityweek.com/siemens-says-desigo-cc-files-flagged-as-malware-by-security-engines/
Publish Date: 2026-06-11 07:40:00
Source Domain: www.securityweek.com
Siemens is informing customers that patch files for its Desigo CC building management system are erroneously being flagged as malware by multiple cybersecurity solutions.
Desigo CC integrates HVAC, lighting, security, fire safety, power, and other building subsystems into a single open platform for centralized monitoring and control.
The industrial giant recently learned that patch files released for Desigo CC versions 7 through 9 are being detected as malicious by various antivirus engines, as confirmed by tests on VirusTotal.
Siemens says it’s working with cybersecurity vendors to address the inaccurate file classification, but it suspects that the false-positive detections are caused by a PowerShell script compiled as an executable.
The script is included in a ‘patchHelper’ shipped with Desigo CC patches. Siemens believes that file system operations, registry modifications, and execution with elevated privileges in the script are considered suspicious or malicious by security engines.
Interestingly, the vendor says the script has been the same for several months, but it’s only now being flagged as malicious.
“All relevant files were manually compared to the development repositories. No differences or malicious modifications were found. In addition, the digital signatures were verified as valid and showed no indications of manipulation,” Siemens pointed out in its advisory.
This is not the first time Siemens has reported issues with third-party cybersecurity solutions. Last year, the company notified customers of a problem affecting Microsoft Defender Antivirus and its Simatic PCS products.