SSA-887249 V1.0: Multiple Vulnerabilities in the Web Interface of SICAM Q200 Devices
Siemens ProductCERT Security Advisories cert-portal.siemens.com
Multiple vulnerabilities were identified in the webserver of Q200 devices. These include Cross-Site Request Forgery (CSRF), session fixation, missing secure flags in HTTP cookies, and memory corruption issues due to missing input validation that could lead to remote code execution.
Siemens has released an update for the POWER METER SICAM Q200 family and recommends updating to the latest version.