VYPR

SICAM T

by Siemens Foundation

CVEs (24)

  • CVE-2022-43439CriNov 8, 2022
    risk 0.64cvss 9.9epss 0.01

    A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions < V2.50), POWER METER SICAM Q100…

  • CVE-2022-41665CriOct 11, 2022
    risk 0.64cvss 9.8epss 0.01

    A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.10), SICAM P850…

  • CVE-2022-29873CriMay 20, 2022
    risk 0.64cvss 9.8epss 0.02

    A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly validate parameters of certain GET and POST requests. This could allow an unauthenticated attacker to set the device to a denial of service state or to control the program…

  • CVE-2020-10042CriJul 14, 2020
    risk 0.64cvss 9.8epss 0.02

    A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). A buffer overflow in various positions of the web application might enable an attacker with access to the web application to execute arbitrary code…

  • CVE-2020-10038CriJul 14, 2020
    risk 0.64cvss 9.8epss 0.01

    A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An attacker with access to the device's web server might be able to execute administrative commands without authentication.

  • CVE-2022-29874HigMay 20, 2022
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not encrypt web traffic with clients but communicate in cleartext via HTTP. This could allow an unauthenticated attacker to capture the traffic and interfere with the functionality of the…

  • CVE-2022-29872HigMay 20, 2022
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly validate parameters of POST requests. This could allow an authenticated attacker to set the device to a denial of service state or to control the program counter and, thus,…

  • CVE-2020-10045HigJul 14, 2020
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An error in the challenge-response procedure could allow an attacker to replay authentication traffic and gain access to protected areas of the web…

  • CVE-2020-10039HigJul 14, 2020
    risk 0.53cvss 8.1epss 0.01

    A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An attacker in a privileged network position between a legitimate user and the web server might be able to conduct a Man-in-the-middle attack and…

  • CVE-2022-40226HigOct 11, 2022
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.10), SICAM P850…

  • CVE-2022-29878HigMay 20, 2022
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by…

  • CVE-2020-10044HigJul 14, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An attacker with access to the network could be able to install specially crafted firmware to the device.

  • CVE-2020-10037HigJul 14, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). By performing a flooding attack against the web server, an attacker might be able to gain read access to the device's memory, possibly revealing…

  • CVE-2022-29882HigMay 20, 2022
    risk 0.46cvss 7.1epss 0.01

    A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not handle uploaded files correctly. An unauthenticated attacker could take advantage of this situation to store an XSS attack, which could - when a legitimate user accesses the error logs…

  • CVE-2022-29876HigMay 20, 2022
    risk 0.46cvss 7.1epss 0.01

    A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly handle the input of a GET request parameter. The provided argument is directly reflected in the web server response. This could allow an unauthenticated attacker to perform…

  • CVE-2022-29880MedMay 20, 2022
    risk 0.42cvss 6.5epss 0.01

    A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly validate input in the configuration interface. This could allow an authenticated attacker to place persistent XSS attacks to perform arbitrary actions in the name of a logged…

  • CVE-2020-10043MedJul 14, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). The web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link.

  • CVE-2020-10041MedJul 14, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). A stored Cross-Site-Scripting (XSS) vulnerability is present in different locations of the web application. An attacker might be able to take over a…

  • CVE-2023-31238MedJun 13, 2023
    risk 0.36cvss 5.5epss 0.00

    A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.11), SICAM P850…

  • CVE-2020-10040MedJul 14, 2020
    risk 0.36cvss 5.5epss 0.00

    A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An attacker with local access to the device might be able to retrieve some passwords in clear text.

Page 1 of 2