Siemens SICAM RTUs SM-2556 COM Modules Firmware XSS Vulnerability

Siemens SICAM RTUs SM-2556 COM Modules Firmware XSS Vulnerability

CVE-2017-12738 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into clicking on a malicious link.

Learn more about our Web App Pen Testing.