Siemens SICAM PAS Vulnerabilities

CVSS 9.8 CRITICAL

CVEs (4)

CVE-2016-8566 CVE-2016-9156 CVE-2016-9157 CVE-2016-8567

SICAM PAS Versions 8.09 and higher fix all four vulnerabilities. Siemens recommends that users upgrade to the latest version. In order to receive the SICAM PAS V8.09 update, please contact the Siemens Energy Customer Support Center at (mailto:[email protected]).
Siemens strongly recommends users protect network access with appropriate mechanisms (e.g., firewalls, segmentation, VPN). Siemens also advises that users configure the operational environment according to Siemens’ Operational Guidelines for Industrial Security: (https://www.siemens.com/cert/operational-guidelines-industrial-security)
For more information on this vulnerability and more detailed mitigation instructions, please see Siemens Security Advisory SSA-946325 at the following location: (https://cert-portal.siemens.com/productcert/pdf/ssa-946325.pdf)

Siemens

Siemens · SICAM PAS <8.09

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.