OTPulse

Siemens SICAM PAS

Plan Patch · 8.8 · ICS-CERT ICSA-22-349-19 · Dec 13, 2022
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

SICAM PAS/PQS contains three vulnerabilities (CWE-427: Untrusted Search Path, CWE-1287: Improper Validation of Specified Quantity in Input, CWE-319: Cleartext Transmission) that could allow an attacker with local or authenticated access to execute arbitrary code, escalate privileges, or cause denial of service. Versions before V7.0 and versions V7.0 through V8.05 are affected. These are secondary protection devices critical to power grid stability.

What this means
What could happen
An attacker with local access to a SICAM PAS/PQS device could run arbitrary commands with elevated privileges, potentially altering protection settings, disabling alarms, or disrupting power system monitoring and control functions.
Who's at risk
Power system operators using Siemens SICAM PAS/PQS for secondary protection, monitoring, and control of electrical grids. This includes municipal utilities and regional transmission operators who rely on these devices for relay protection, power quality monitoring, and system automation.
How it could be exploited
An attacker with an account on the SICAM PAS/PQS system (or who gains one through social engineering or phishing) can exploit privilege escalation vulnerabilities to execute commands that modify protection schemes, disable monitoring, or cause the system to become unresponsive. The attack requires local shell or application access to the device.
Prerequisites
  • Local account on the SICAM PAS/PQS device (unprivileged or privileged)
  • Ability to execute code or commands in the product interface or shell
  • SICAM PAS/PQS version prior to V7.0 or between V7.0 and V8.05
  • Low complexity attack
  • Requires local access or valid account
  • Can lead to remote code execution
  • Affects critical protection systems
  • High impact on grid reliability
Exploitability
Moderate exploit probability (EPSS 1.1%)
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
SICAM PAS/PQS | < V7.0 | 7.0
SICAM PAS/PQS | ≥ 7.0, < V8.06 | 8.06
Remediation & Mitigation
Do now
SICAM PAS/PQS
HARDENING: Apply network segmentation and firewall rules to restrict network access to SICAM PAS/PQS administrative interfaces
All products
HARDENING: Enforce strong authentication and access controls for device accounts
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

SICAM PAS/PQS
HOTFIX: Update SICAM PAS/PQS to version 8.06 or later
All products
WORKAROUND: Validate any security update in a test environment before deployment to production systems
Long-term hardening
HARDENING: Implement multi-level redundant secondary protection schemes as recommended by grid design regulations