Unauthenticated Remote Code Execution Vulnerability in Siemens SICAM RTUs SM-2556 COM Modules

Unauthenticated Remote Code Execution Vulnerability in Siemens SICAM RTUs SM-2556 COM Modules

CVE-2017-12739 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow unauthenticated remote attackers to execute arbitrary code on the affected device.

Learn more about our Web App Pen Testing.