CVE-2020-15781

CVE-2020-15781

Vendor Siemens Ag
Product SICAM WEB firmware for SICAM A8000 RTUs
Weakness CWE-79 · XSS
Published August 14, 2020
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability has been identified in SICAM WEB firmware for SICAM A8000 RTUs (All versions < V05.30). The login screen does not sufficiently sanitize input, which enables an attacker to generate specially crafted log messages. If an unsuspecting victim views the log messages via the web browser, these log messages might be interpreted and executed as code by the web application. This Cross-Site-Scripting (XSS) vulnerability might compromize the confidentiality, integrity and availability of the web application.

Key dates

02Disclosure timeline

August 14, 2020 CVE published
August 4, 2024 Record updated