SSA-305120 (Last Update: 2020-07-14): Vulnerabilities in SICAM MMU, SICAM T and SICAM SGU

Published

2020-07-14 00:00:00 UTC

Summary

SICAM MMU, SICAM T and the discontinued SICAM SGU devices are affected by multiple security vulnerabilities which could allow an attacker to perform a variety of attacks. This may include unauthenticated firmware installation, remote code execution and leakage of confidential data like passwords. Siemens has released updates to introduce authentication to the web application. It is still recommended to implement further mitigations, as most of the vulnerabilities might not be sufficiently mitigated by this.