Siemens SICAM Products Vulnerable to Critical Flaws, Urgent Update Needed
Siemens, a global industrial automation giant, has issued a critical security advisory warning users of multiple SICAM products about serious vulnerabilities that could lead to unauthorized access and data leaks. The affected products include the SICAM A8000 RTUs, SICAM EGS, and the SICAM 8 Power automation platform.
The vulnerabilities, tracked as CVE-2024-37998 and CVE-2024-39601, affect the firmware of these products. The first allows an attacker to reset the administrative password without knowing the current password, potentially granting full control over the affected device. The second enables firmware downgrades, which could re-expose a device to vulnerabilities fixed in later releases.
The Common Vulnerability Scoring System (CVSS) rates CVE-2024-37998 with a severity score of 9.3 (critical), while CVE-2024-39601 has a score of 7.1 (high). The combined impact of these vulnerabilities could be devastating, allowing attackers to disrupt critical infrastructure, steal sensitive data, or even cause physical damage.
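The two flaws fall into well-known weakness classes: a credential reset that does not require proof of the current credential, and an update path that verifies the image but not its version. The following added example (not Siemens' code and not a model of the SICAM firmware; the account model, version tuples and function names are assumptions for illustration) shows each pattern next to its hardened form, from a defender's point of view.

```python
# Added illustration, not Siemens code: a vulnerable pattern beside a hardened
# one for each of the two weakness classes described in the advisory.
import hashlib
import hmac
import os
from dataclasses import dataclass, field


def _hash_password(password: str, salt: bytes) -> bytes:
    # PBKDF2-HMAC from the standard library; iteration count is illustrative only
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


@dataclass
class Account:
    """Hypothetical device account holding a salted password hash."""
    name: str
    salt: bytes = field(default_factory=lambda: os.urandom(16))
    pw_hash: bytes = b""

    def set_password(self, new_password: str) -> None:
        self.pw_hash = _hash_password(new_password, self.salt)

    def verify(self, password: str) -> bool:
        # constant-time comparison of the stored and candidate hashes
        return hmac.compare_digest(self.pw_hash, _hash_password(password, self.salt))


# Pattern behind CVE-2024-37998 (hypothetical model): reset without proof
# of the current secret. Anyone who can reach this function owns the account.
def reset_password_vulnerable(acct: Account, new_password: str) -> bool:
    acct.set_password(new_password)
    return True


# Hardened form: the caller must present the current credential first.
def reset_password_hardened(acct: Account, current_password: str, new_password: str) -> bool:
    if not acct.verify(current_password):
        return False
    acct.set_password(new_password)
    return True


@dataclass
class Firmware:
    """Hypothetical firmware image: a version tuple such as (2, 1, 0) and the
    outcome of a signature check assumed to have been performed elsewhere."""
    version: tuple
    signature_ok: bool


# Pattern behind CVE-2024-39601 (hypothetical model): only the signature is
# checked, so an older but validly signed image is installed, bringing back
# whatever that release was vulnerable to.
def accept_firmware_vulnerable(installed: tuple, candidate: Firmware) -> bool:
    return candidate.signature_ok


# Hardened form: signature check plus anti-rollback. The image must not be
# older than what is installed and must not fall below a minimum version
# (the floor would normally live in protected storage on the device).
def accept_firmware_hardened(installed: tuple, candidate: Firmware, minimum: tuple) -> bool:
    if not candidate.signature_ok:
        return False
    if candidate.version < installed:
        return False
    if candidate.version < minimum:
        return False
    return True


if __name__ == "__main__":
    admin = Account("admin")
    admin.set_password("initial")
    print("hardened reset with wrong current password:",
          reset_password_hardened(admin, "guess", "new"))      # False
    print("hardened reset with correct current password:",
          reset_password_hardened(admin, "initial", "new"))    # True
    print("vulnerable path accepts older signed image:",
          accept_firmware_vulnerable((2, 0, 0), Firmware((1, 0, 0), True)))  # True
    print("hardened path rejects older signed image:",
          accept_firmware_hardened((2, 0, 0), Firmware((1, 0, 0), True), (2, 0, 0)))  # False
```

The version floor in the hardened update check is the piece that matters for a downgrade flaw: once a release fixes a security issue, the device should refuse any image below it even when that image carries a valid vendor signature.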
Impact on Critical Infrastructure
The SICAM product line plays a crucial role in power automation and control systems, making these vulnerabilities particularly concerning for energy providers and industrial facilities. A successful attack could lead to widespread power outages, production shutdowns, or even safety hazards.
Siemens’ Response and Recommendations
Siemens has released new firmware versions for the affected products and strongly recommends that users update to the latest versions immediately. The company also suggests disabling the auto-login feature as a workaround for CVE-2024-37998.
In addition to these specific recommendations, Siemens also urges users to follow general security best practices, such as using strong passwords, regularly updating firmware, and implementing network segmentation.
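To act on the two device-level recommendations above, an operator needs to know which units are still running pre-fix firmware and which still have auto-login enabled. The following added example (not from the Siemens advisory) audits a constructed asset inventory for exactly those two conditions. The fixed firmware version is a placeholder because the advisory text here does not state it; the device records and field names are likewise assumptions.

```python
# Added example, not from the Siemens advisory: flag SICAM devices in an
# inventory that still need the firmware update or the auto-login workaround.

# Placeholder: substitute the fixed firmware version stated in the Siemens advisory.
FIXED_VERSION_PLACEHOLDER = (99, 0, 0)

# Constructed sample inventory; field names are assumptions for this example.
SAMPLE_DEVICES = [
    {"name": "rtu-substation-01", "product": "SICAM A8000", "firmware": "1.2.3", "auto_login": True},
    {"name": "rtu-substation-02", "product": "SICAM A8000", "firmware": "1.4.0", "auto_login": False},
    {"name": "egs-feeder-07",     "product": "SICAM EGS",   "firmware": "1.3.9", "auto_login": True},
]


def parse_version(text: str) -> tuple:
    """Turn a dotted version string into a tuple so comparisons are numeric
    (so that 1.10.0 sorts above 1.9.0, which string comparison gets wrong)."""
    return tuple(int(part) for part in text.split("."))


def audit(devices: list, fixed_version: tuple = FIXED_VERSION_PLACEHOLDER) -> list:
    """Return one finding per device that is still exposed, listing why."""
    findings = []
    for device in devices:
        issues = []
        if parse_version(device["firmware"]) < fixed_version:
            issues.append("firmware below fixed version (CVE-2024-37998, CVE-2024-39601)")
        if device.get("auto_login"):
            issues.append("auto-login enabled (workaround for CVE-2024-37998 not applied)")
        if issues:
            findings.append({"name": device["name"], "product": device["product"], "issues": issues})
    return findings


if __name__ == "__main__":
    # With the real fixed version substituted, only devices still needing work are listed.
    for finding in audit(SAMPLE_DEVICES, fixed_version=(1, 4, 0)):
        print(finding["name"], finding["product"])
        for issue in finding["issues"]:
            print("   -", issue)
```

Run with the actual fixed version in place of the placeholder; the auto-login check matters even for devices already updated, since the advisory lists it as a separate workaround rather than something the update itself changes.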