N/A

A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V14), SICAM A8000 CP-802X (All versions < V14), SICAM A8000 CP-8050 (All versions < V2.00). Specially crafted network packets sent to port 80/TCP or 443/TCP could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the web server. The security vulnerability could be exploited by an attacker with network access to the affected systems on port 80/TCP or 443/TCP. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the web server. A system reboot is required to recover the web service of the device. At the time of advisory update, exploit code for this security vulnerability is public.

N/A

N/A

Siemens SICAM A8000 Series 安全漏洞

Siemens SICAM A8000 CP-800、SICAM A8000 CP-802X和SICAM A8000 CP-8050都是德国西门子（Siemens）公司的一款A8000系列模块化设备。该设备主要用于能源供应领域的远程控制和自动化应用。 Siemens SICAM A8000 Series中存在XML外部实体注入漏洞。攻击者可利用该漏洞造成拒绝服务。以下产品和版本受到影响：Siemens SICAM A8000 CP-8000 V14之前版本；SICAM A8000 CP-802X V14之

N/A

N/A