CVE-2017-12738

Name of the Vulnerable Software and Affected Versions Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00

Description The issue concerns the integrated web server of the affected devices, which could allow Cross-Site Scripting (XSS) attacks. This occurs when unsuspecting users are tricked into clicking on a malicious link, potentially allowing attackers to execute malicious scripts. The web server is accessible via port 80/tcp.

Recommendations For Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00, consider restricting access to the integrated web server until a fix is available. As a temporary workaround, avoid clicking on suspicious links to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.