← Back to home
SIEMENS-SSA-134651  ·  Published 2023-10-10  ·  View on Siemens ProductCERT ↗

SSA-134651 V1.0: Hard Coded SSH ID in CPCI85 Firmware of SICAM A8000 Devices

CVSS N/A MEDIUM

Risk Summary

<p>The CPCI85 firmware of SICAM A8000 CP-8031 and CP-8050 contains a hard-coded ID in the SSH <code>authorized_keys</code> configuration file. An attacker with knowledge of the corresponding credential could login to the device via SSH. Only devices with activated debug support are affected.</p> <p>Siemens has released updates for the affected products and recommends to update to the latest versions.</p>

Remediations

  • Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-134651 V1.0: Hard Coded SSH ID in CPCI85 Firmware of SICAM A8000 Devices See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more