SSA-572005

SSA-572005 PUBLISHED CVSS 7.5 HIGH

Session fixation and multiple incorrect parameter parsing vulnerabilities that could potentially lead to remote code execution were identified in the web server of SICAM P850 and SICAM P855 devices. Siemens has released updates for the affected products and recommends to update to the latest versions.

Risk Scores

CVSS 3.1

7.5

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

Affected Products

Vendor	Product	Versions
	SICAM P850 (7KG8501-0AA01-0AA0)
	SICAM P850 (7KG8501-0AA02-2AA0)
	SICAM P850 (7KG8501-0AA12-2AA0)
	SICAM P850 (7KG8500-0AA30-2AA0)
	SICAM P850 (7KG8501-0AA12-0AA0)
	SICAM P850 (7KG8500-0AA30-0AA0)
	SICAM P850 (7KG8501-0AA02-0AA0)
	SICAM P855 (7KG8550-0AA00-0AA0)
	SICAM P850 (7KG8500-0AA10-0AA0)
	SICAM P855 (7KG8550-0AA00-2AA0)
	SICAM P850 (7KG8501-0AA11-0AA0)
	SICAM P850 (7KG8500-0AA00-0AA0)
	SICAM P850 (7KG8500-0AA00-2AA0)
	SICAM P850 (7KG8501-0AA32-2AA0)
	SICAM P850 (7KG8501-0AA31-2AA0)
	SICAM P850 (7KG8501-0AA11-2AA0)
	SICAM P850 (7KG8501-0AA01-2AA0)
	SICAM P850 (7KG8501-0AA32-0AA0)
	SICAM P850 (7KG8500-0AA10-2AA0)
	SICAM P850 (7KG8501-0AA31-0AA0)

Risk Scores

Affected Products

Exploit Intelligence

Timeline

References