Vulnerabilities in SICAM MMU, SICAM T and SICAM SGU (Jul 2020)

Preface: In industry, power plants and substations, the SICAM MMU is used to measure and calculate parameters.

Product background: SICAM T (transducer) is a digital measuring sensor that allows the measurement of electricity in non-electrical networks in a single unit. SICAM MMU (Measurement and Monitoring Unit) is a power monitoring device that allows the measurement of electricity in the power grid.

Remark: SICAM SGU has been discontinued.

Security Focus: CVE-2020-10042 – A buffer overflow in various positions of the web application might enable an attacker with access to the web application to execute arbitrary code over the network.

My observation:

Fundamental theory: For custom application software, all code that accepts input from users via the HTTP request must be reviewed to ensure that it can properly handle arbitrarily large input.
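
As an illustration of that review point, here is an added example (not from the original post and not Siemens code) of a form-field extractor in C that checks the destination size before copying. The function name, status codes and field names are hypothetical, and the request body is a constructed sample; oversized values are rejected rather than truncated.

```c
#include <stddef.h>
#include <string.h>

/* Added example: every name here is hypothetical, not taken from any firmware. */
enum field_status { FIELD_OK = 0, FIELD_MISSING = -1, FIELD_TOO_LONG = -2 };

/* CWE-120 pattern this replaces: the value is copied up to the next '&'
 * with no regard for the destination size, e.g.
 *     while (*p && *p != '&') *dst++ = *p++;
 */

/* Copy the value of form field `name` from a urlencoded body of `body_len`
 * bytes into `out` (capacity `out_sz`, NUL-terminated on success).
 * No percent-decoding is done; decoding can only shorten the value. */
int get_form_field(const char *body, size_t body_len, const char *name,
                   char *out, size_t out_sz)
{
    size_t name_len = strlen(name);
    size_t pos = 0;

    if (out_sz == 0)
        return FIELD_TOO_LONG;
    out[0] = '\0';

    while (pos < body_len) {
        /* Find the end of the current key=value pair. */
        size_t end = pos;
        while (end < body_len && body[end] != '&')
            end++;
        size_t pair_len = end - pos;

        if (pair_len > name_len &&
            memcmp(body + pos, name, name_len) == 0 &&
            body[pos + name_len] == '=') {
            size_t val_len = pair_len - name_len - 1;
            if (val_len >= out_sz)        /* need room for the NUL */
                return FIELD_TOO_LONG;
            memcpy(out, body + pos + name_len + 1, val_len);
            out[val_len] = '\0';
            return FIELD_OK;
        }
        pos = end + 1;                    /* skip the '&' */
    }
    return FIELD_MISSING;
}
```

A caller should answer `FIELD_TOO_LONG` with an HTTP 400 (or 413) and log the event, since oversized fields on a device web interface are worth alerting on.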

Possibility: According to the definition of CWE-120, the buffer overflow related to this vulnerability would be caused by looping correction. The function does not work after JavaScript updates the field (fields updated dynamically in JavaScript).

Synopsis: By sending carefully crafted input to an application, an attacker can cause the application to execute arbitrary code, possibly taking over the machine.

Official announcement: https://cert-portal.siemens.com/productcert/pdf/ssa-305120.pdf
