You are here

Siemens SICAM (ICSA-17-320-02) – Product Used in Energy Sector

Siemens SICAM (ICSA-17-320-02) – Product Used in Energy Sector

Created: Thursday, November 16, 2017 - 13:44
Categories:
Cybersecurity

ICS-CERT has released an advisory on a Siemens SICAM vulnerability. All versions of SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, DNPi00 are affected. Successful exploitation of these vulnerabilities could allow an unauthenticated remote attacker to execute arbitrary code. Siemens provides a series of steps to mitigate this vulnerability, which includes disabling the web server after commissioning. Additionally, ICS-CERT recommends a series of defensive measures to minimize the risk of exploitation of the vulnerability. ICS-CERT.