2026-07-10 · view entry permalink →
Siemens SICAM 8 (A8000/EGS/S8000) grid RTUs: firmware-signature-validation bypass + OPC-UA-off-by-default among four CVEs (SSA-229470)
Siemens ProductCERT's SSA-229470 covers four flaws in the SICORE base system and CPCI85 central processing/communication firmware that underpin the SICAM A8000 (CP-8010/CP-8012 on SICORE; CP-8031/CP-8050 on CPCI85), SICAM EGS (CPCI85) and SICAM S8000 (SICORE) remote terminal units (Siemens ProductCERT, 2026-07-09). The advisory's stated aggregate impact is denial of service, but the individual issues span further: CVE-2026-54799 (CVSS v3.1 6.7, AV:L/PR:H) is a firmware-update signature-validation flaw that lets an attacker who already holds high privileges install malicious firmware for persistent code execution; CVE-2026-54801 (v3.1 7.2) lets an authenticated attacker bypass credential validation when the web API processes administrative-account modifications and gain elevated privileges; CVE-2026-54800 (v3.1 4.8) is an insecure default that disables all OPC UA security, letting a network attacker reach control functions; and CVE-2026-54798 (v3.1 6.5) is an HTTP-reachable debug interface an authenticated attacker can use to crash the web process. All are fixed in CPCI85 V26.20 / SICORE V26.20.0. CERT-FR/ANSSI republished the advisory the next day as CERTFR-2026-AVI-0860, giving European energy-sector operators a home-region authority citation (CERT-FR/ANSSI, 2026-07-10).
The affected application contains a vulnerability in its firmware update mechanism's signature validation process. This could allow an attacker to install malicious firmware, leading to persistent code execution and system compromise.
The affected application ships with a default configuration that disables all OPC UA security mechanisms. This could allow an attacker to gain unauthorized access and control over critical system functions.