PatchSiren cyber security CVE debrief
CVE-2016-8566 Siemens CVE debrief
CVE-2016-8566 is a credential-handling weakness in Siemens SICAM PAS before 8.00. According to the NVD record, an authenticated local attacker with certain privileges could possibly reconstruct passwords used by users to access the database. The issue was publicly disclosed on 2017-02-13 and later updated in the NVD record on 2026-05-13. Because the impact includes exposure of database access credentials, this is a high-priority issue for environments running affected Siemens SICAM PAS versions.
- Vendor
- Siemens
- Product
- CVE-2016-8566
- CVSS
- HIGH 7.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2017-02-13
- Original CVE updated
- 2026-05-13
- Advisory published
- 2017-02-13
- Advisory updated
- 2026-05-13
Who should care
OT/ICS operators using Siemens SICAM PAS, system administrators responsible for the host running the software, database administrators, and security teams managing privileged local access should prioritize this issue. Organizations that rely on database credentials protected by SICAM PAS are most exposed.
Technical summary
NVD maps the affected product as Siemens SICAM PAS/PQS versions before 8.00 and describes the weakness as storing passwords in a recoverable format. The attack requires a local, authenticated attacker with certain privileges. NVD assigns CVSS v3.1 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and CWE-255. The likely security consequence is disclosure of database-access passwords and resulting compromise of confidentiality, integrity, and availability within the affected environment.
Defensive priority
High. Although the attack requires local authenticated access, the potential to reconstruct database passwords can enable broader compromise of the affected system and connected data. In industrial or operational environments, credential exposure can have outsized impact, so remediation should be treated as urgent for any affected installation.
Recommended defensive actions
- Upgrade Siemens SICAM PAS to version 8.00 or later, following vendor guidance.
- Review and restrict local privileged access on hosts running SICAM PAS.
- Audit database accounts and rotate any credentials that may have been exposed.
- Check whether any downstream systems or services reuse affected credentials and rotate those as well.
- Consult the Siemens/ICS-CERT advisory for vendor-specific mitigation and validation steps.
- Monitor for unauthorized use of database credentials and unexpected local administrative activity.
Evidence notes
All statements are based on the supplied NVD-derived record and referenced advisory links. The affected version boundary (before 8.00), attack prerequisites (authenticated local attacker with certain privileges), impact (possible reconstruction of database-access passwords), CVSS vector, and CWE-255 come from the provided source item metadata. No exploit details or unsupported operational claims are included.
Official resources
-
CVE-2016-8566 CVE record
CVE.org
-
CVE-2016-8566 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Third Party Advisory, VDB Entry
-
Mitigation or vendor reference
[email protected] - Third Party Advisory, US Government Resource
Publicly disclosed on 2017-02-13 in the NVD record supplied here. The record was later modified on 2026-05-13; that later date reflects record maintenance, not the original vulnerability date.