
🎯 Basically, there are serious security holes in Siemens devices that could let hackers take control.
What Happened
CyberDanube Security Research has uncovered multiple vulnerabilities in the Siemens SICAM A8000 series, specifically affecting the CP-8050, CP-8031, CP-8010, and CP-8012 master modules. The vulnerabilities, discovered during a penetration test, include an unauthenticated denial of service and a memory corruption issue that could allow remote code execution.
The Flaw
- Unauthenticated Denial of Service: A crafted POST request with an oversized Content-Length can force the service to wait indefinitely for more data, blocking all other user interactions.
- Unauthenticated Memory Corruption (CVE-2026-27664): Sending a malicious XML payload can write null bytes to arbitrary memory locations, potentially leading to denial of service or remote code execution.
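A defensive pattern against the first flaw above, as an added example that is not taken from the advisory or from Siemens's fix: an HTTP front end (for instance a reverse proxy placed in front of a management interface) validates Content-Length and enforces a total receive deadline, so a peer that declares more data than it sends cannot hold the service open. The function names, the 64 KiB cap, the deadline values and the request bytes in the demo are assumptions constructed for illustration.

```python
import socket
import time

MAX_BODY = 64 * 1024   # assumed cap on POST bodies
DEADLINE = 0.5         # assumed total seconds allowed per request

def _recv(conn, end):
    """recv() that honours an absolute deadline; returns b'' on timeout or EOF."""
    remaining = end - time.monotonic()
    if remaining <= 0:
        return b""
    conn.settimeout(remaining)
    try:
        return conn.recv(4096)
    except socket.timeout:
        return b""

def read_post(conn, max_body=MAX_BODY, deadline=DEADLINE):
    """Return (verdict, body); verdict is ok, bad_length, too_large or stalled."""
    end = time.monotonic() + deadline
    buf = b""
    while b"\r\n\r\n" not in buf:
        chunk = _recv(conn, end)
        if not chunk:
            return "stalled", b""
        buf += chunk
    head, body = buf.split(b"\r\n\r\n", 1)
    lengths = [line.split(b":", 1)[1].strip() for line in head.split(b"\r\n")[1:]
               if line.lower().startswith(b"content-length:")]
    if len(lengths) != 1 or not lengths[0].isdigit():
        return "bad_length", b""   # missing, duplicated or non-numeric header
    declared = int(lengths[0])
    if declared > max_body:
        return "too_large", b""    # reject before waiting for any body bytes
    while len(body) < declared:
        chunk = _recv(conn, end)
        if not chunk:
            return "stalled", b""  # peer declared more than it sent in time
        body += chunk
    return "ok", body[:declared]

def demo(raw):
    """Feed constructed request bytes through a local socket pair."""
    client, server = socket.socketpair()
    with client, server:
        client.sendall(raw)
        return read_post(server, deadline=0.3)
```

A request that ends in `stalled` or `too_large` should have its connection closed and be logged, since either verdict on an unauthenticated POST is worth alerting on in an OT network.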
What's at Risk
The vulnerabilities primarily affect the IHI00.elf and RTUM85.elf binaries. If exploited, these vulnerabilities can disrupt the functionality of the SICAM A8000 devices, posing significant risks to operational technology environments.
Patch Status
Siemens has released a fixed version (V26.10) that addresses these vulnerabilities. Users are strongly advised to upgrade their systems to this version to mitigate the risks.
Immediate Actions
Containment
1. Upgrade to the latest version (V26.10) as soon as possible.
2. Restrict network access to the affected devices to limit exposure.
Remediation
Conclusion
The discovery of these vulnerabilities highlights the need for ongoing vigilance in securing industrial control systems. Organizations using Siemens SICAM A8000 devices must act quickly to protect their infrastructure from potential attacks.
🔒 Pro insight: The memory corruption vulnerability could be exploited to gain control over critical infrastructure, emphasizing the need for immediate patching.




