Flaws in Siemens SICAM MMU, SICAM T & SICAM SGU expose critical infrastructure to hackers

Cybersecurity specialists have reported multiple flaws in several Siemens products that could expose critical infrastructure to remote cyberattacks. The affected solutions are SICAM MMU, SICAM T and SICAM SGU.

Below are brief overviews of the reported flaws, along with their CVE identifiers and their scores according to the Common Vulnerability Scoring System (CVSS).

CVE-2020-10037: By performing a saturation attack against the affected web server, threat actors could gain read access to the device’s memory and reveal sensitive information. The flaw received a CVSS score of 5.9/10.

CVE-2020-10038: An attacker with access to the device’s web server might execute administrative commands without authentication. This is a critical flaw that received a score of 9.8/10.

CVE-2020-10039: A threat actor in a privileged network position between a legitimate user and the web server could perform a man-in-the-middle (MitM) attack and gain read and write access to the transmitted data. The flaw received a score of 7.5/10.

CVE-2020-10040: Threat actors with local access to the affected device might recover passwords in plain text. This flaw received a CVSS score of 6.2/10.

CVE-2020-10041: A stored cross-site scripting (XSS) vulnerability is present in different locations in the web application. An attacker could take control of a session from a legitimate user. The flaw received a score of 9.6/10.

CVE-2020-10042: A buffer overflow in various areas of the affected web application could allow an attacker with access to the web application to execute arbitrary code over the network. The fault received a score of 9.8/10 on the CVSS scale.

CVE-2020-10043: The web server could allow cross-site scripting (XSS) attacks if threat actors manage to trick users into opening a malicious link. The flaw received a score of 8.8/10.

CVE-2020-10044: A threat actor with network access might install specially designed firmware on the device. This vulnerability received a score of 9.8/10.

CVE-2020-10045: A flaw in the challenge-response process of the affected application would allow remote hackers to replay authentication traffic and gain access to protected areas on the target system. The flaw received a CVSS score of 8.3/10.
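As an added illustration (not Siemens code and not part of the original report), the sketch below shows the general defence against the replay class described for CVE-2020-10045: the server issues a random, short-lived challenge and consumes it on first use, so captured authentication traffic is worthless when sent again. The HMAC-SHA256 construction, the 30-second lifetime, the key and every name here are assumptions; the article does not describe the device's actual protocol.

```python
import hashlib
import hmac
import secrets
import time

CHALLENGE_TTL = 30  # seconds a challenge stays valid (assumed value)

class ChallengeResponseVerifier:
    """Server side: each challenge is random, short-lived and single-use."""

    def __init__(self, shared_key: bytes):
        self._key = shared_key
        self._pending = {}  # challenge bytes -> time it was issued

    def issue_challenge(self, now=None) -> bytes:
        now = time.monotonic() if now is None else now
        challenge = secrets.token_bytes(16)  # unpredictable per login attempt
        self._pending[challenge] = now
        return challenge

    def verify(self, challenge: bytes, response: bytes, now=None) -> bool:
        now = time.monotonic() if now is None else now
        # pop() consumes the challenge, so a captured exchange cannot be reused
        issued = self._pending.pop(challenge, None)
        if issued is None or now - issued > CHALLENGE_TTL:
            return False
        expected = hmac.new(self._key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time compare

def client_response(shared_key: bytes, challenge: bytes) -> bytes:
    """Client side: prove knowledge of the key without transmitting it."""
    return hmac.new(shared_key, challenge, hashlib.sha256).digest()

def demo():
    key = b"constructed-demo-key"  # constructed sample secret
    server = ChallengeResponseVerifier(key)
    c1 = server.issue_challenge(now=0)
    r1 = client_response(key, c1)
    first = server.verify(c1, r1, now=1)      # legitimate login
    replayed = server.verify(c1, r1, now=2)   # identical bytes sent again
    c2 = server.issue_challenge(now=3)
    cross = server.verify(c2, r1, now=4)      # old response, fresh challenge
    c3 = server.issue_challenge(now=10)
    late = client_response(key, c3)
    stale = server.verify(c3, late, now=10 + CHALLENGE_TTL + 1)  # expired
    return first, replayed, cross, stale

if __name__ == "__main__":
    print(demo())
```

A verifier that accepts the same challenge and response pair twice, or that reuses predictable challenges, is the condition under which recorded traffic can be replayed.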

Siemens has already released the corresponding updates to fix these bugs, so administrators of affected deployments are advised to update as soon as possible. The company has published more details about these flaws on its official platforms.