The SICAM A8000 RTU (Remote Terminal Unit) series is a modular family of devices for remote control and automation applications in all areas of energy supply. A hard-coded credentials vulnerability exists in the CPCI85 firmware of the Siemens SICAM A8000 device, which can be exploited by an attacker to log in to the device via SSH. Only devices with activated debugging support are affected.