VYPR
advisoryPublished Jul 16, 2026· 1 source

Siemens SICAM 8 Products Vulnerable to Multiple Exploits, CISA Warns

CISA has issued an advisory detailing multiple critical vulnerabilities in Siemens SICAM 8 products, including CPCI85 and SICORE firmware, that could lead to denial of service, unauthorized code execution, and system compromise.

Multiple vulnerabilities have been identified in Siemens SICAM 8 products, specifically affecting CPCI85 and SICORE firmware versions prior to V26.20. These flaws, cataloged under CVE-2026-54798 through CVE-2026-54801, pose significant risks to industrial control systems within critical infrastructure sectors such as Critical Manufacturing and Energy.

One of the primary concerns is CVE-2026-54798, which involves an active debug code accessible via HTTP endpoints. An authenticated attacker could exploit this to crash the web process, leading to denial-of-service conditions and disrupting system operations. This vulnerability carries a CVSS v3.1 score of 6.5 (MEDIUM).

Another critical vulnerability, CVE-2026-54799, targets the firmware update mechanism. A flaw in the signature validation process could allow an attacker to install malicious firmware, enabling persistent code execution and complete system compromise. This vulnerability is rated with a CVSS v3.1 score of 6.7 (MEDIUM).

Furthermore, CVE-2026-54800 highlights an insecure default configuration where all OPC UA security mechanisms are disabled. This oversight could permit an attacker to gain unauthorized access and control over critical system functions, with a CVSS v3.1 score of 4.8 (MEDIUM).

CVE-2026-54801 addresses insufficient validation of administrative account modifications through the web API. An authenticated attacker could exploit this to bypass security controls and escalate their privileges, leading to unauthorized elevated access. This vulnerability is rated as HIGH with a CVSS v3.1 score of 7.2.

Siemens has acknowledged these vulnerabilities and has released updated firmware versions to address them. Users are strongly advised to update to the latest versions to mitigate these risks. Specific guidance is provided for CPCI85 V26.20 and SICORE V26.20.0, with links to relevant support pages for the "CP-8031/CP-8050 Package," "SICAM EGS Package," "CP-8010/CP-8012 Package," and "SICAM S8000 Package."

These vulnerabilities were reported to CISA by Siemens. The affected products are deployed worldwide, underscoring the global impact of these security weaknesses. The advisory emphasizes the importance of timely patching and secure configuration practices for industrial control systems.

Synthesized by Vypr AI