The vulnerability of the web server of the microprogramming software for the processor module control units of Siemens SICAM CP-8031 and CP-8050 allows a hacker to elevate their privileges to the root level.

🗓️ 04 Jul 2023 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 4 Views

A vulnerability in Siemens SICAM web server for CP-8031 and CP-8050 allows root access via the open serial console.

Reporter	Title	Published	Views	Family All 14
CNNVD	Siemens CP-8031 安全漏洞	13 Jun 202300:00	–	cnnvd
CNVD	Unspecified Vulnerability in Siemens SICAM A8000 Devices CPCI85 Firmware	14 Jun 202300:00	–	cnvd
CVE	CVE-2023-33921	13 Jun 202308:17	–	cve
Cvelist	CVE-2023-33921	13 Jun 202308:17	–	cvelist
EUVD	EUVD-2023-38071	3 Oct 202520:07	–	euvd
ICS	Siemens SICAM A8000 Devices	13 Jun 202300:00	–	ics
NCSC	Vulnerabilities fixed in Siemens products	13 Jun 202300:00	–	ncsc
NVD	CVE-2023-33921	13 Jun 202309:15	–	nvd
OSV	CVE-2023-33921	13 Jun 202309:15	–	osv
Packet Storm	Siemens A8000 CP-8050 / CP-8031 Code Execution / Command Injection	11 Jul 202300:00	–	packetstorm

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-731916.pdf
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2023061511
vuldb	www.vuldb.com/
web	www.web.nvd.nist.gov/view/vuln/detail

04 Jul 2023 00:00Current

6.5Medium risk

Vulners AI Score6.5

CVSS 36.8

CVSS 27.2

EPSS0.00394

Siemens SICAM web server serial console root access control unit one control unit two