ICSA-20-196-03 · Published 2020-07-14
Siemens SICAM MMU, SICAM T, and SICAM SGU
CVSS 9.8 (CRITICAL)
CVEs (9)
Remediations
- The firmware updates to SICAM T and SICAM MMU introduce authentication to the web application and remove some unnecessary functionality. The web authentication functionality reduces the risk of access to the device's web application for executing administrative commands by unauthenticated users.
- Due to hardware constraints, encryption is not possible on the devices. Confidential data such as passwords handled by the devices needs to be protected on the network by other means, e.g. by VPN.
- The risk of remote code execution and unauthenticated firmware installation can be mitigated by ensuring encryption and authentication between the user and the device, e.g. by VPN.
- Using a modern and up-to-date browser while accessing the web application might reduce the risk of cross-site scripting attacks.
- Update to V2.05 to introduce authentication in the web application to mitigate some web
- Update to V2.18 to introduce authentication in the web application to mitigate some web
Affected Vendors
Siemens
Affected Products (3)
- Siemens · SICAM MMU: <V2.05
- Siemens · SICAM SGU: vers:all/*
- Siemens · SICAM T: <V2.18
Affected Sectors
Multiple