PT-2019-8973 · Siemens · Sicam A8000 Cp-802X+2

Published

2019-03-21

·

Updated

2019-04-02

·

CVE-2018-13798

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions SICAM A8000 CP-8000 versions prior to V14 SICAM A8000 CP-802X versions prior to V14 SICAM A8000 CP-8050 versions prior to V2.00
Description A vulnerability allows an unauthenticated remote attacker to cause a Denial-of-Service condition of the web server by sending specially crafted network packets to port 80/TCP or 443/TCP. The attacker requires no system privileges and no user interaction to exploit this issue. Successful exploitation can compromise the availability of the web server, and a system reboot is necessary to recover the web service.
Recommendations For SICAM A8000 CP-8000 versions prior to V14, update to version V14 or later. For SICAM A8000 CP-802X versions prior to V14, update to version V14 or later. For SICAM A8000 CP-8050 versions prior to V2.00, update to version V2.00 or later.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2018-13798

Affected Products

Sicam A8000 Cp-8000
Sicam A8000 Cp-802X
Sicam A8000 Cp-8050