ICSA-11-244-01
Published 2025-06-05
Siemens WinCC Flexible Runtime Heap Overflow
CVSS 9.3
CRITICAL
CVEs (1)
Remediations
- Siemens currently has no plans to patch this vulnerability. The WinCC flexible Runtime Loader and WinCC (TIA Portal) Runtime Advanced Loader feature is disabled by default and is only used when updating firmware. Siemens has updated the product documentation to advise users to disable this feature except when it is actively being used.
- Siemens strongly recommends that customers protect control systems according to the Control Systems Security Program (CSSP) recommended security practices (http://www.us-cert.gov/control_systems/practices/Recommended_Practices.html) and that they configure the environment according to the Siemens operational guidelines.
- Siemens, PCS7 Security Concept Recommendations and Notes: http://support.automation.siemens.com/WW/view/en/22229786
- The Siemens Security Advisory can be found here: http://support.automation.siemens.com/WW/view/de/29054992
- Users should monitor network traffic to 2308/TCP and control traffic to the WinCC system.
Affected Vendors
Siemens
Affected Products (2)
- Siemens SIMATIC WinCC flexible Runtime (vers:all/*)
- Siemens SIMATIC WinCC (TIA Portal) Runtime Advanced (vers:all/*)