Unauthenticated File Access in SICAM A8000 Devices
Monitor5.3SSA-316850Apr 12, 2022
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary
SICAM A8000 CP-8050 and CP-8031 devices allow unauthenticated file access. An attacker on the network can retrieve files without providing valid credentials. This could expose device configuration, operational logs, or other sensitive information stored on the device. Siemens has released firmware version 4.80 to address this vulnerability.
What this means
What could happen
An attacker could read sensitive files on the SICAM A8000 device without needing valid credentials, potentially exposing device configuration, logs, or operational data.
Who's at risk
Utilities operating Siemens SICAM A8000 CP-8031 or CP-8050 communication processors should assess their deployed versions. These devices are commonly used in distribution automation and SCADA environments to manage substation communications and relay data.
How it could be exploited
An attacker sends unauthenticated network requests to the SICAM A8000 to retrieve files. The device accepts these requests and returns file contents without verifying the attacker's identity or authorization.
Prerequisites
- Network access to the SICAM A8000 device (affected versions < V4.80)
- No credentials required
Remotely exploitableNo authentication requiredLow complexity
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (2)
2 with fix
ProductAffected VersionsFix Status
SICAM A8000 CP-8031< V4.804.80
SICAM A8000 CP-8050< V4.804.80
Remediation & Mitigation
0/1
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
SICAM A8000 CP-8031
HOTFIXUpdate SICAM A8000 CP-8031 and CP-8050 devices to firmware version 4.80 or later
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/03b9b3ee-8d52-43fa-881a-418743b7b3e8