Your one-stop web resource providing safety and security information to manufacturers

Siemens has an update ready to go to mitigate an uncaught exception vulnerability in its SICAM A8000 RTU, according to NCCIC.

The SICAM A8000 RTU series is affected by a security vulnerability that could allow unauthenticated remote users to cause a denial-of-service condition on the web server of affected products. Emanuel Duss and Nicolas Heiniger from Compass Security discovered this vulnerability.

Siemens Clearing EN100 Ethernet Module Issue
Fuji has Fix for Alpha5 Smart Loader
Omron Updates CX-Supervisor Fix
Kunbus Updates PR100088 Modbus Gateway Fix

The following versions of SICAM A8000 RTU, a telecontrol and automation device, suffer from the remotely exploitable vulnerability:
• SICAM A8000 CP-8000 versions prior to v14
• SICAM A8000 CP-802X versions prior to v14
• SICAM A8000 CP-8050 versions prior to v2

Specially crafted network packets sent to Ports 80/TCP or 443/TCP could allow an unauthenticated remote attacker to cause a denial-of-service condition on a web server.
CVE-2018-13798 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.

Cyber Security

The product sees use mainly in the energy. It sees action on a global basis.

No known public exploits specifically target this vulnerability. However, an attacker with low skill level could leverage the vulnerability.

Siemens released updates for all product variants and recommends users update to the new versions.

Siemens has identified the following specific workarounds and mitigations users can apply to reduce the risk:
1. Limit access to the web server on Ports 80/TCP and 443/TCP with an external firewall
2. Apply a Defense-in-Depth strategy

For additional information see Siemens’ security advisory SSA-579309.

Pin It on Pinterest

Share This