The Siemens SICAM A8000 is a protection and interval control unit device for relay protection and substation environments from Siemens, Germany. A command injection vulnerability exists in the Siemens SICAM A8000. The vulnerability stems from the device’s failure to properly filter constructed command special characters, commands, etc. An attacker could use this vulnerability to execute arbitrary code on the device.