SSA-471761 V1.0: Multiple Vulnerabilities in SICAM T Before V3.0
Risk Summary
<p>SICAM T before V3.0 contain multiple vulnerabilities. These include critical issues such as improper parameter and input validation, various Cross-Site Scripting (XSS) vulnerabilities , and a Cross-Site Request Forgery (CSRF) vulnerability . Additional weaknesses comprise session fixation, authentication and authorization bypasses , missing HTTPS protection, and missing cookie protection flags. These issues could potentially lead to remote code execution, denial of service, unauthorized access to web-interface functionality, session hijacking, impersonation of legitimate users, or allow an attacker to perform arbitrary actions on the device on behalf of a user.</p> <p>Siemens has released a new version for SICAM T and recommends to update to the latest version.</p>
Remediations
- Refer to Siemens ProductCERT advisory for patch and remediation guidance.
Affected Vendors
Affected Products (1)
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more