CVE-2016-5849

Published: 04/07/2016 Updated: 17/10/2023

CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4

CVSS v3 Base Score: 2.5 | Impact Score: 1.4 | Exploitability Score: 1

VMScore: 169

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N

Siemens SICAM PAS up to and including 8.07 allows local users to obtain sensitive configuration information by leveraging database stoppage.

Vulnerable Product	Search on Vulmon	Subscribe to Product
siemens sicam pas/pqs

Vuln drains energy sector control kit

The Register • Team Register • 05 Jul 2016

One patched, one to go

The US industrial control system computer emergency response team (ICS-CERT) has warned of twin flaws in substation control software. The SICAM Power Automation System contains poorly protected credentials (CVE-2016-5848) and information exposure (CVE-2016-5849) found by Russian researchers Ilya Karpov and Dmitry Sklyarov of Positive Technologies. The CERT warns lowly hackers could exploit the holes but only with pre-existing local access, greatly limiting the exposure. "An authenticated local u...

CVE-2016-5849

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect