← Back to home
SIEMENS-SSA-887249  ·  Published 2023-06-13  ·  View on Siemens ProductCERT ↗

SSA-887249 V1.0: Multiple Vulnerabilities in the Web Interface of SICAM Q200 Devices

CVSS N/A MEDIUM

Risk Summary

<p>Multiple vulnerabilities were identified in the webserver of Q200 devices. These include Cross Site Request Forgery (CSRF), session fixation, missing secure flags in HTTP cookies and memory corruption issues due to missing input validation that could lead to remote code execution.</p> <p>Siemens has released an update for POWER METER SICAM Q200 family and recommends to update to the latest version.</p>

Remediations

  • Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-887249 V1.0: Multiple Vulnerabilities in the Web Interface of SICAM Q200 Devices See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more