Several Vulnerabilities in SICAM PAS before V8.06

Plan Patch8.8SSA-849072Dec 13, 2022

Attack VectorLocal

Auth RequiredLow

ComplexityLow

User InteractionNone needed

Summary

SICAM PAS/PQS before version 8.06 contains three vulnerabilities: improper library loading (CWE-427), untrusted search path loading (CWE-1287), and transmission of credentials in cleartext (CWE-319). These issues could allow a local attacker to execute arbitrary code with system privileges, escalate privileges, or cause a denial of service on the SICAM server, disrupting substation monitoring and control operations.

What this means

What could happen

An attacker with local access to a SICAM PAS/PQS server could execute arbitrary code with elevated privileges or crash the service, potentially disrupting substation automation, grid monitoring, and alarm management functions that operators depend on.

Who's at risk

This affects utilities and plant operators running Siemens SICAM PAS or SICAM PQS substation automation and power quality monitoring systems. SICAM PAS is used for monitoring and controlling substations; SICAM PQS handles power quality analysis. Both are common in medium to large electric utilities managing distribution and transmission equipment.

How it could be exploited

An attacker with local access to the SICAM PAS/PQS server could exploit one of three vulnerabilities (improper loading of libraries, untrusted search path, or unencrypted credentials transmission) to either execute arbitrary code with system privileges or crash the application, depending on which vulnerability is exploited.

Prerequisites

Local access to the SICAM PAS/PQS server host
Low-level user account or ability to place files in the application search path

Low-complexity local exploitationPrivilege escalation possibleDefault or weak credentials transmissionAffects monitoring and control systems

Exploitability

Moderate exploit probability (EPSS 1.1%)

Affected products (2)

2 with fix

ProductAffected VersionsFix Status

SICAM PAS/PQS< V7.07.0

SICAM PAS/PQS≥ 7.0 < V8.068.06

Remediation & Mitigation

0/2

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

SICAM PAS/PQS

HOTFIXUpdate SICAM PAS/PQS to version 7.0 or later if currently running a version before 7.0

HOTFIXUpdate SICAM PAS/PQS to version 8.06 or later if currently running version 7.0 or later but before 8.06

CVEs (3)

CVE-2022-43722 CVE-2022-43723 CVE-2022-43724

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/96fbdfac-6bf7-4e2d-9c27-a66bc5c5f07c