| CVE-2016-8567 | Cri | 0.64 | 9.8 | 0.00 | | Feb 13, 2017 | An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded passwords is present in the SICAM PAS installations. Attackers might gain privileged access to the database over Port 2638/TCP. |
| CVE-2016-9157 | Cri | 0.64 | 9.8 | 0.01 | | Dec 5, 2016 | A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to cause a Denial of Service condition and potentially lead to unauthenticated remote code execution by sending specially crafted packets to port 19234/TCP. |
| CVE-2016-9156 | Hig | 0.47 | 7.3 | 0.01 | | Dec 5, 2016 | A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to upload, download, or delete files in certain parts of the file system by sending specially crafted packets to port 19235/TCP. |
| CVE-2016-5849 | Low | 0.16 | 2.5 | 0.00 | | Jul 4, 2016 | Siemens SICAM PAS through 8.07 allows local users to obtain sensitive configuration information by leveraging database stoppage. |
