SSA-305120 (Last Update: 2020-07-14): Vulnerabilities in SICAM MMU, SICAM T and SICAM SGU
Published
2020-07-14 00:00:00 UTC
Summary
SICAM MMU, SICAM T and the discontinued SICAM SGU devices are affected by multiple security vulnerabilities which could allow an attacker to perform a variety of attacks. This may include unauthenticated firmware installation, remote code execution and leakage of confidential data like passwords. Siemens has released updates to introduce authentication to the web application. It is still recommended to implement further mitigations, as most of the vulnerabilities might not be sufficiently mitigated by this.