Buffer Overflow Vulnerability in Siemens SICAM Products
CVE-2020-10042

9.8CRITICAL

Key Information:

Vendor: Siemens
Status: Sicam Mmu; Sicam Sgu; Sicam T
Vendor: CVE Published:; 14 July 2020

Summary

A vulnerability has been discovered in various Siemens SICAM products, specifically affecting the SICAM MMU, SICAM SGU, and SICAM T. This buffer overflow flaw exists in the web application's handling of certain inputs, potentially allowing an attacker with web access to execute arbitrary code remotely. Prompt updates to the affected products are crucial to mitigate this security risk.

Affected Version(s)

SICAM MMU All versions < V2.05

SICAM SGU All versions

SICAM T All versions < V2.18

References

https://cert-portal.siemens.com/productcert/pdf/ssa-30512...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 14, 2020
Vulnerability Reserved
Mar 4, 2020