Unauthenticated Access Vulnerability in SICAM P850 and P855 Products from Siemens
CVE-2022-29877

6.5MEDIUM

Key Information:

Vendor: Siemens
Status: Sicam P850; Sicam P855
Vendor: CVE Published:; 20 May 2022

Summary

An unauthenticated access vulnerability exists in SICAM P850 and SICAM P855 products, all versions below V3.00. This security flaw could permit attackers to gain access to the web interface configuration without authentication. Once inside, attackers may extract internal configuration details or modify network settings. It's important to note that although configurations can be altered, these changes will only take effect with the authentication of a user who has administrative privileges.

Affected Version(s)

SICAM P850 All versions < V3.00

References

https://cert-portal.siemens.com/productcert/pdf/ssa-16507...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 20, 2022
Vulnerability Reserved
Apr 28, 2022