CVE-2020-28396

EPSS 0.17% · P38 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-28396

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP-8021 (All versions < V16), SICAM A8000 CP-8022 (All versions < V16). A web server misconfiguration of the affected device can cause insecure ciphers usage by a user´s browser. An attacker in a privileged position could decrypt the communication and compromise confidentiality and integrity of the transmitted information.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

保护机制失效

Source: NVD (National Vulnerability Database)

Vulnerability Title

多款Siemens产品安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Siemens SICAM A8000 CP-8000等都是德国西门子（Siemens）公司的一款用于继电保护与变电站环境的保护与间隔控制单元设备。 SICAM A8000存在安全漏洞，该漏洞源于产品的各种固件版本使用过时和不安全的密码，或者可以降级以使用过时和不安全的密码。攻击者可以利用该漏洞获得对进出设备的网络流量的未经授权的读取或写入访问权限。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
Siemens	SICAM A8000 CP-8000	All versions < V16	-
Siemens	SICAM A8000 CP-8021	All versions < V16	-
Siemens	SICAM A8000 CP-8022	All versions < V16	-

II. Public POCs for CVE-2020-28396

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-28396

请登录查看更多情报信息。

SSA-415783 V1.0: Insecure SSL configuration in SICAM A8000 CP-8000, CP-8021 and CP-8022x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-062/x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2020-28396

Same Patch Batch · Siemens · 2020-12-14 · 17 CVEs total

CVE-2019-19283		Siemens XHQ 信息泄露漏洞
CVE-2019-19284		Siemens XHQ 跨站脚本漏洞
CVE-2019-19285		Siemens XHQ 跨站脚本漏洞
CVE-2019-19286		Siemens XHQ SQL注入漏洞
CVE-2019-19287		Siemens XHQ 信息泄露漏洞
CVE-2019-19288		Siemens XHQ 跨站脚本漏洞
CVE-2019-19289		Siemens XHQ 跨站请求伪造漏洞
CVE-2020-15796		Siemens SIMATIC Controller Web Servers 安全漏洞
CVE-2020-25228		Siemens LOGO! 8 BM 访问控制错误漏洞
CVE-2020-25229		Siemens LOGO! 8 BM 信任管理问题漏洞
CVE-2020-25230		Siemens LOGO! 8 BM 加密问题漏洞
CVE-2020-25231		Siemens LOGO! 8 BM 安全漏洞
CVE-2020-25232		Siemens LOGO! 8 BM 加密问题漏洞
CVE-2020-25233		Siemens LOGO! 8 BM 安全漏洞
CVE-2020-25234		Siemens LOGO! 8 BM 授权问题漏洞
CVE-2020-25235		Siemens LOGO! 8 BM 安全漏洞

IV. Related Vulnerabilities

Same vendor: Siemens

Same weakness: CWE-693

V. Comments for CVE-2020-28396

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2020-28396

I. Basic Information for CVE-2020-28396

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-28396

III. Intelligence Information for CVE-2020-28396

Same Patch Batch · Siemens · 2020-12-14 · 17 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2020-28396

Leave a comment