SSA-529291 — Vulnetix

SSA-529291 PUBLISHED CVSS 6.199999809265137 MEDIUM

Affected devices store the password for the SMTP account as plain text. This could allow an authenticated local attacker to extract it and use the configured SMTP service for arbitrary purposes.

Risk Scores

CVSS 3.1

6.199999809265137

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
Siemens	POWER METER SICAM Q100 (7KG9501-0AA31-2AA1)
Siemens	POWER METER SICAM Q100 (7KG9501-0AA31-0AA1)
Siemens	POWER METER SICAM Q100 (7KG9501-0AA01-2AA1)
Siemens	POWER METER SICAM Q200 family
Siemens	POWER METER SICAM Q100 (7KG9501-0AA01-0AA1)

Timeline

Aug 12, 2025 CVE Published

References

https://cert-portal.siemens.com/productcert/csaf/ssa-529291.json advisory
https://cert-portal.siemens.com/productcert/html/ssa-529291.html advisory
https://support.industry.siemens.com/cs/ww/en/view/109743524/ patch
https://support.industry.siemens.com/cs/ww/en/view/109743592/ patch

Open in Interactive Console →