Main Vulnerability Database SB2020120901

SB2020120901 - Protection Mechanism Failure in Siemens SICAM A8000 RTUs

Published: December 9, 2020

Security Bulletin ID SB2020120901

CSH Severity

High

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Protection Mechanism Failure (CVE-ID: CVE-2020-28396)

CWE-ID: CWE-693 - Protection Mechanism Failure

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient implementation of security measures. An attacker can bypass implemented security restrictions and elevate privileges on the system.

Remediation

Install update from vendor's website.

References

https://ics-cert.us-cert.gov/advisories/icsa-20-343-07

SB2020120901 - Protection Mechanism Failure in Siemens SICAM A8000 RTUs

Breakdown by Severity

Description

Remediation

References

Please verify you're human