OTPulse

Multiple Web Server Vulnerabilities in SICAM GridEdge Before V2.6.6

Act Now | CVSS 9.8 | SSA-631336 | Jun 14, 2022
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Multiple vulnerabilities were identified in the web server of SICAM GridEdge (Classic) versions before 2.6.6, including missing authentication for critical API functions, absent cross-origin resource sharing (CORS) restrictions, and exposed credential storage. These flaws allow an attacker with network access to the web interface to bypass authentication, make unauthorized API calls, and access stored credentials without needing valid login credentials.

What this means
What could happen
An attacker with network access to SICAM GridEdge could bypass authentication and execute API commands without credentials, potentially altering grid edge configurations, accessing sensitive credentials, or disrupting communication with the SCADA network.
Who's at risk
Energy sector operators running SICAM GridEdge (Classic) in grid edge computing deployments that manage power distribution, substation automation, or SCADA integration points. This includes municipal utilities and regional grid operators that rely on GridEdge for edge processing and remote monitoring.
How it could be exploited
An attacker on the network sends HTTP requests directly to the SICAM GridEdge web API endpoints. Because these endpoints lack authentication checks (CWE-306) and do not enforce CORS restrictions (CWE-346), the attacker can make privileged API calls from any origin and extract credentials stored in accessible locations (CWE-402) without providing valid login credentials.
Prerequisites
  • Network access to the SICAM GridEdge web server (typically port 80/443)
  • No valid credentials required
remotely exploitable · no authentication required · low complexity · high CVSS score (9.8) · affects critical control system
Exploitability
Low exploit probability (EPSS 0.7%)
Affected products (1)
Product | Affected Versions | Fix Status
SICAM GridEdge (Classic) | < 2.6.6 | 2.6.6
Remediation & Mitigation
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update SICAM GridEdge (Classic) to version 2.6.6 or later