CISA 2026-04-02

Siemens SICAM 8 Products

Machine-generated analysis · WAYSCloud LLM

Multiple SICAM 8 products are affected by denial-of-service vulnerabilities triggered by high-volume requests. Siemens has released firmware version 26.10 to address these issues.

Context

The affected products are Siemens SICAM 8 devices, including CPCI85 central processing/communication units, RTUM85 RTU base units, and SICORE base systems. The advisory states that sending multiple requests can exhaust resources, preventing parameterization and requiring a reset or reboot to restore functionality. The advisory notes these products are used in critical manufacturing sectors.

Operator considerations

Check: Inventory for affected Siemens SICAM 8 product versions below 26.10.
Patch: Update to firmware version 26.10 or later as provided by Siemens.

From Cybersecurity and Infrastructure Security Agency ↗

Multiple SICAM 8 products are affected by multiple vulnerabilities that could lead to denial of service, namely: - SICAM A8000 Device firmware - CPCI85 for CP-8031/CP-8050 - SICORE for CP-8010/CP-8012 - RTUM85 for CP-8010/CP-8012 - SICAM EGS Device firmware - CPCI85 - SICAM S8000 - SICORE - RTUM85 Siemens has released new versions for the affected products and recommends to update to the latest versions.

The following versions of Siemens SICAM 8 Products are affected:

CPCI85 Central Processing/Communication vers:intdot/

Read the full advisory on CISA →