Lucene search

China National Vulnerability DatabaseCNVD-2024-01410

HistoryJan 10, 2024 - 12:00 a.m.

Siemens CPCI85 Firmware of SICAM A8000 Devices Command Injection Vulnerability

2024-01-1000:00:00

China National Vulnerability Database

www.cnvd.org.cn

siemens

cpci85

firmware

sicam a8000

command injection

vulnerability

remote control

automation

energy supply

root privileges

startup

cnvd

7.7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

38.1%

JSON

The SICAM A8000 rtu (remote terminal unit) series is a modular family of devices for remote control and automation applications in all areas of energy supply. A command injection vulnerability exists in the Siemens CPCI85 Firmware of SICAM A8000 Devices, which can be exploited by an authenticated, remote attacker to inject commands executed on the device with root privileges during device startup.

CPENameOperatorVersion
siemens cp-8031 master module (6mf2803-1aa00) <cpci85 veq05.20
siemens cp-8050 master module (6mf2805-0aa00) <cpci85 veq05.20

CPE	Name	Operator	Version
	siemens cp-8031 master module (6mf2803-1aa00) <cpci85 v	eq	05.20
	siemens cp-8050 master module (6mf2805-0aa00) <cpci85 v	eq	05.20