CVE-2023-30901
Description
A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA30-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA30-2AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA01-0AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA01-2AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA02-0AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA02-2AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA11-0AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA11-2AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA12-0AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA12-2AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA31-0AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA31-2AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA32-0AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA32-2AA0) (All versions < V3.11), SICAM P855 (7KG8550-0AA00-0AA0) (All versions < V3.11), SICAM P855 (7KG8550-0AA00-2AA0) (All versions < V3.11), SICAM P855 (7KG8550-0AA10-0AA0) (All versions < V3.11), SICAM P855 (7KG8550-0AA10-2AA0) (All versions < V3.11), SICAM P855 (7KG8550-0AA30-0AA0) (All versions < V3.11), SICAM P855 (7KG8550-0AA30-2AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA01-0AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA01-2AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA02-0AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA02-2AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA11-0AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA11-2AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA12-0AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA12-2AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA31-0AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA31-2AA0) (All versions < V3.11), SICAM P855 (7KG8551-0AA32-0AA0) (All versions < V3.11), 
SICAM P855 (7KG8551-0AA32-2AA0) (All versions < V3.11), SICAM T (All versions < V3.0). The web interface of the affected devices is vulnerable to Cross-Site Request Forgery attacks. By tricking an authenticated victim user into clicking a malicious link, an attacker could perform arbitrary actions on the device on behalf of the victim user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A CSRF vulnerability in the web server of SICAM P850 and P855 devices (versions before V3.11) allows attackers to perform arbitrary actions on behalf of an authenticated user.
Vulnerability
A Cross-Site Request Forgery (CSRF) vulnerability exists in the web server of SICAM P850 and SICAM P855 devices running versions prior to V3.11 [3]. The web server is also missing cookie protection flags, which further weakens session security [3]. The vulnerability affects a wide range of product variants, including the 7KG8500 and 7KG8550 series, as listed in the official description.
Exploitation
An attacker can exploit this vulnerability by tricking a legitimate, authenticated user into clicking a malicious link or visiting a crafted web page while the user is logged into the affected device [3]. The attacker does not need direct network access to the device; the attack relies on the victim's browser sending a forged request to the device's web interface. No authentication or privileges beyond the victim's existing session are required [3].
Impact
Successful exploitation allows the attacker to perform arbitrary actions on the device on behalf of the authenticated user, such as modifying configurations, triggering operations, or exfiltrating information [3]. The attacker effectively impersonates the victim, leveraging the victim's session to execute commands within the web interface. Depending on the user's privileges, this could lead to full compromise of the device's management functions [3].
Mitigation
Siemens has released version V3.11 of the firmware for all affected SICAM P850 and P855 devices [3]. Users should update to V3.11 or later. As a workaround, Siemens recommends not accessing links from untrusted sources while logged into the affected devices and restricting access to port 443/tcp to trusted IP addresses only [3]. There is no indication that this CVE has been listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
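The two weaknesses named above (state-changing requests accepted without an anti-forgery check, and session cookies set without protection flags) are usually closed together on the device side. The following is an added example written for this page, not Siemens' code or the SICAM firmware; the device origin, secret and session layout are constructed placeholders.

```python
import hashlib
import hmac
import secrets
from http.cookies import SimpleCookie
from urllib.parse import urlparse

# Constructed server-side secret; a real device would generate and store its own.
DEVICE_SECRET = b"constructed-device-secret-not-a-real-key"
# Assumed origin of the device's own web interface (placeholder).
DEVICE_ORIGIN = "https://sicam-device.example"


def new_session_id() -> str:
    """Fresh random session identifier for a newly authenticated user."""
    return secrets.token_hex(16)


def csrf_token_for(session_id: str) -> str:
    """Per-session anti-CSRF token, derived from the session so it need not be stored."""
    return hmac.new(DEVICE_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def session_cookie_header(session_id: str) -> str:
    """Set-Cookie value carrying the protection flags the advisory says were missing."""
    return f"session={session_id}; Secure; HttpOnly; SameSite=Strict; Path=/"


def allow_state_change(method: str, headers: dict, form: dict) -> bool:
    """Gate a state-changing request (e.g. a configuration write) on three checks:
    a session cookie, a matching CSRF token in the form body, and a same-origin
    Origin/Referer header. A forged cross-site POST fails at least one of them."""
    if method.upper() in ("GET", "HEAD", "OPTIONS"):
        return True  # assumption: safe methods never change device state
    jar = SimpleCookie()
    jar.load(headers.get("Cookie", ""))
    if "session" not in jar:
        return False
    session_id = jar["session"].value
    expected = csrf_token_for(session_id)
    if not hmac.compare_digest(form.get("csrf_token", ""), expected):
        return False
    origin = headers.get("Origin") or headers.get("Referer") or ""
    src, own = urlparse(origin), urlparse(DEVICE_ORIGIN)
    return (src.scheme, src.netloc) == (own.scheme, own.netloc)
```

The token check alone defeats the forged request; the SameSite and Origin checks are defence in depth for the case where a token leaks or a legacy browser ignores the cookie flags.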
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Siemens / SICAM P850: all versions < V3.11
- Siemens / SICAM P855: all versions < V3.11
- Siemens / SICAM T: all versions < V3.0
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- cert-portal.siemens.com/productcert/html/ssa-201498.html (mitre)
- cert-portal.siemens.com/productcert/html/ssa-471761.html (mitre)
- cert-portal.siemens.com/productcert/html/ssa-480095.html (mitre)
- cert-portal.siemens.com/productcert/html/ssa-887249.html (mitre)
- cert-portal.siemens.com/productcert/pdf/ssa-480095.pdf (mitre)
- cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf (mitre)
News mentions
No linked articles in our index yet.