SecurityWeek reports that power grids could be compromised with the exploitation of a critical vulnerability impacting Siemens' Sicam A8000 CP-8031 and CP-8050 remote terminal units with the CPCI85 firmware used in substations.
Threat actors could leverage the flaw, tracked as CVE-2023-28489, to facilitate device takeovers and prompt power grid destabilization that may lead to blackouts as well as backdoor deployment, according to SEC Consult Vulnerability Lab Head Johannes Greil, who was part of the team who identified the now-patched bug.
"It cannot be ruled out though that some devices might be reachable through third party support access connections or potential misconfigurations," added Greil.
Aside from applying patches available in firmware versions CPCI85 V05 or later, organizations leveraging the vulnerable RTUs could also mitigate exploitation through restricted web server access on TCP ports 80 and 443. Such a flaw has also been a subject of an advisory from the Cybersecurity and Infrastructure Security Agency last month.
France-based information and communication standards development and testing nonprofit European Telecommunications Standards Institute had its data compromised after its member portal was impacted by a cyberattack, SecurityWeek reports.