SSA-444217: Information Disclosure Vulnerabilities in SICAM PAS
Publication Date 2016-06-30 / Last Update2016-06-30 / Current VersionV1.0CVSSv3 Base Score 2.5
- SICAM PAS: All versions < 8.07 (Vulnerability 1),
- SICAM PAS: All versions (Vulnerability 2)
SICAM PAS is an energy automation solution for operating an electrical substation with its devices.
Detailed information about the vulnerabilities is provided below
The vulnerability classification has been performed by using the CVSS scoring system in version 3.0 (CVSSv3.0) (http://www.first.org/cvss/). The CVSS environmental score is specific to the customer's environment and will impact the overall CVSS score. The environmental score should therefore be individually defined by the customer to accomplish final scoring.
Vulnerability 1 (CVE-2016-5848)
An authenticated local attacker with certain privileges to the SICAM PAS database could possibly reconstruct passwords for SICAM PAS users.
- CVSS Base Score 2.3
- CVSS Vector
Vulnerability 2 (CVE-2016-5849)
An authenticated local attacker could possibly access sensitive configuration information
from the SICAM PAS database file if the database is in a stopped state.
- CVSS Base Score 2.5
- CVSS Vector
The attacker must have local access to the SICAM PAS system and certain database
privileges or the database must be in a stopped state.
Siemens provides SICAM PAS 8.07 which fixes vulnerability 1 and recommends customers to update to this version .
Regarding vulnerability 2, Siemens is working to include an automated fix with a new SICAM PAS version and will update the advisory accordingly. In the meantime, Siemens provides detailed instructions on how to manually fix the vulnerability on existing installations of SICAM PAS via the Siemens Energy Customer Support Center .
Siemens thanks the following for their support and efforts:
- Ilya Karpov from Positive Technologies for coordinated disclosure of vulnerability 1.
- lya Karpov and Dmitry Sklyarov from Positive Technologies for coordinated disclosure of vulnerability 2.
 In order to receive the SICAM PAS V8.07 update and to receive detailed instructions on how to mitigate vulnerability 2, please contact the Siemens Energy Customer Support Center at:
Alternatively, you can contact your regional Siemens representative.
 Recommended security guidelines to Secure Substation:
(Select “Cyber Security General Downloads” tab -> “Manuals”)
 For further inquiries on vulnerabilities in Siemens products and solutions, please
contact the Siemens ProductCERT:
Contact & Information
Get In Touch with Siemens ProductCERT
Feel free to contact us in any security-related question on the Siemens portfolio and particularly if you want to report a potential security issue. In the Services section you will find information on how we work and additional industry best practices.