OTPulse

Multiple Vulnerabilities in SICAM Q100 Before V2.50

Act Now | CVSS 9.9 | SSA-570294 | Nov 8, 2022
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

SICAM Q100 power meters contain multiple vulnerabilities in session management and input validation (CWE-384, CWE-20) that could allow an authenticated attacker to hijack active user sessions or inject and execute arbitrary code on the device. Successful exploitation could result in unauthorized changes to meter configuration, firmware modification, or data manipulation. Siemens has released firmware version 2.50 or later to address these issues.

What this means
What could happen
An attacker with valid login credentials could hijack a user session or inject and execute malicious code on the power meter, potentially disrupting energy measurements, billing data, or triggering false alarms in protective relaying systems.
Who's at risk
This vulnerability affects operators and engineers responsible for power meter management at utilities, municipalities, and large industrial facilities using SICAM Q100 devices. Engineering workstations and IT staff managing these meters should prioritize patching. Any system using SICAM Q100 for revenue metering, demand response coordination, or protective relaying integration is at risk.
How it could be exploited
An attacker must first obtain valid login credentials for a SICAM Q100 device. Once authenticated, the attacker can exploit session handling or input validation flaws to either impersonate a logged-in user or inject code that executes with the privileges of that session. This could allow modification of meter configuration, firmware, or data.
Prerequisites
  • Valid login credentials (username and password) for the SICAM Q100 device
  • Network access to the SICAM Q100 web interface or management port
remotely exploitable · requires valid credentials · critical CVSS score (9.9) · affects energy infrastructure · code injection capability · session hijacking risk
Exploitability
Moderate exploit probability (EPSS 1.8%)
Affected products (1)
Product | Affected Versions | Fix Status
POWER METER SICAM Q100 | <V2.50 | 2.50
Remediation & Mitigation
Do now
HARDENING: Restrict network access to SICAM Q100 management interfaces to authorized workstations only using firewall rules
HARDENING: Change default or weak passwords on all SICAM Q100 devices and enforce strong password policies
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update SICAM Q100 firmware to version 2.50 or later
Long-term hardening
HARDENING: Monitor SICAM Q100 access logs for suspicious login activity or session anomalies
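
One way to act on the log-monitoring item, as an added example that is not from Siemens or OTPulse: it scans access records for a session ID that stays the same across login (the CWE-384 pattern), a session ID used from more than one source address, and repeated failed logins. The record layout, event names, threshold and sample lines are constructed assumptions, not the SICAM Q100's actual log format.

```python
import csv
import io
from collections import defaultdict

# Constructed sample records: time, source IP, session ID, event.
# This layout is an assumption for illustration, not a device log format.
SAMPLE_LOG = """\
2022-11-08T09:00:01,10.10.5.20,a1f3,page_request
2022-11-08T09:00:07,10.10.5.20,a1f3,login_ok
2022-11-08T09:02:11,10.10.5.20,a1f3,config_read
2022-11-08T09:05:40,10.10.9.77,a1f3,config_write
2022-11-08T09:10:02,10.10.5.21,c9d2,page_request
2022-11-08T09:10:09,10.10.5.21,e4b8,login_ok
2022-11-08T09:20:00,10.10.9.77,,login_fail
2022-11-08T09:20:02,10.10.9.77,,login_fail
2022-11-08T09:20:04,10.10.9.77,,login_fail
"""

def find_session_anomalies(log_text, fail_threshold=3):
    """Return (finding, subject) tuples for session and login anomalies."""
    pre_login = set()            # session IDs seen before authentication
    authenticated = set()        # session IDs that completed a login
    kept = set()                 # IDs unchanged across the login boundary
    sources = defaultdict(set)   # session ID -> source addresses
    failures = defaultdict(int)  # source address -> failed logins
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 4:
            continue             # skip blank or malformed records
        _ts, src, sid, event = row
        if event == "login_fail":
            failures[src] += 1
        if not sid:
            continue
        sources[sid].add(src)
        if event == "login_ok":
            if sid in pre_login:
                kept.add(sid)    # pre-login ID reused after login (CWE-384)
            authenticated.add(sid)
        elif sid not in authenticated:
            pre_login.add(sid)
    findings = [("session_id_kept_across_login", s) for s in sorted(kept)]
    findings += [("session_multiple_sources", s)
                 for s in sorted(sources) if len(sources[s]) > 1]
    findings += [("repeated_login_failures", a)
                 for a in sorted(failures) if failures[a] >= fail_threshold]
    return findings

if __name__ == "__main__":
    for finding in find_session_anomalies(SAMPLE_LOG):
        print(finding)
```

In the sample, session `a1f3` is flagged twice (same ID before and after login, then used from a second address), while session `e4b8`, issued fresh at login, is not.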