CVE-2021-44165

7.2HIGH

Key Information:

Vendor: Siemens
Status: Power Meter Sicam Q100
Vendor: CVE Published:; 14 December 2021

Summary

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution.

Affected Version(s)

POWER METER SICAM Q100 All versions < V2.41

References

https://cert-portal.siemens.com/productcert/pdf/ssa-49629...

x_refsource_MISC

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 14, 2021
Vulnerability Reserved
Nov 23, 2021