SICAM P850 and P855 Vulnerability in Siemens Products
CVE-2022-41665

9.8CRITICAL

Key Information:

Vendor: Siemens
Status: Sicam P850; Sicam P855
Vendor: CVE Published:; 11 October 2022

What is CVE-2022-41665?

A vulnerability exists in the Siemens SICAM P850 and P855 devices due to improper validation of parameters in a specific GET request. This flaw could enable an unauthenticated attacker to manipulate the device, potentially leading to a denial of service, or worse, allowing execution of arbitrary code on the device. Users are advised to update to the latest versions to mitigate these risks.

Affected Version(s)

SICAM P850 All versions < V3.10

References

https://cert-portal.siemens.com/productcert/pdf/ssa-57200...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 11, 2022
Vulnerability Reserved
Sep 27, 2022