CVE-2022-41665

Name of the Vulnerable Software and Affected Versions SICAM P850 versions prior to V3.10 SICAM P855 versions prior to V3.10

Description The affected devices do not properly validate the parameter of a specific GET request. This could allow an attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on the device.

Recommendations For SICAM P850 versions prior to V3.10, update to version V3.10 or later. For SICAM P855 versions prior to V3.10, update to version V3.10 or later. As a temporary workaround, consider restricting access to the vulnerable GET request endpoint until a patch is available.