← Back to home
ICSA-14-329-02D  ·  Published 2025-06-06  ·  View on CISA ICS-CERT ↗

Siemens SIMATIC WinCC, PCS7, and TIA Portal Vulnerabilities

CVSS 10.0 CRITICAL

CVEs (2)

Remediations

  • Siemens has released updates for the following products and strongly encourages customers to upgrade to the new versions as soon as possible: TIA Portal V13 (including WinCC Professional Runtime) Upgrade to WinCC V13 Update 6: (http://support.automation.siemens.com/WW/view/de/90527654)
  • WinCC 7.0 Upgrade to WinCC 7.0 SP2 Update 11: (http://support.automation.siemens.com/WW/view/en/107174184)
  • WinCC V7.0 SP3 Upgrade to WinCC 7.0 SP3 Update 7: (http://support.automation.siemens.com/WW/view/en/109253830)
  • WinCC 7.2 Upgrade to WinCC 7.2 Update 9: (http://support.automation.siemens.com/WW/view/en/104151435)
  • WinCC 7.3 Upgrade to WinCC 7.3 Update 2: (http://support.automation.siemens.com/WW/view/en/105898606)
  • PCS 7 V7.1 SP4 Upgrade to WinCC 7.0 SP2 Update 11: (http://support.automation.siemens.com/WW/view/en/107174184)
  • Upgrade to OpenPCS 7 V7.1 SP4 Update 1: (http://support.automation.siemens.com/WW/view/en/106226043)
  • Upgrade to Route Control V7.1 SP2 Update 5: (http://support.automation.siemens.com/WW/view/en/106226043)
  • Upgrade to BATCH V7.1 SP1 Update 19: (http://support.automation.siemens.com/WW/view/en/106226043)
  • Upgrade to BATCH V7.1 SP2 Update 8: (http://support.automation.siemens.com/WW/view/en/106226043)
  • PCS 7 V8.0 SP2 Upgrade to WinCC 7.2 Update 9: (http://support.automation.siemens.com/WW/view/en/104151435)
  • Upgrade to OpenPCS 7 V8.0 Update 5: (http://support.automation.siemens.com/WW/view/en/106224418)
  • Upgrade to Route Control V8.0 Update 4: (http://support.automation.siemens.com/WW/view/en/106224418)
  • Upgrade to BATCH V8.0 Update 11: (http://support.automation.siemens.com/WW/view/en/106224418)
  • PCS 7 V8.1 Upgrade to WinCC 7.3 Update 2: (http://support.automation.siemens.com/WW/view/de/105898606)
  • Upgrade to OpenPCS 7 V8.1 Update 1: (http://support.automation.siemens.com/WW/view/en/106226042)
  • Upgrade to Route Control V8.1 Update 1: (http://support.automation.siemens.com/WW/view/en/106226042)
  • Upgrade to BATCH V8.1 Update 1: (http://support.automation.siemens.com/WW/view/en/106226042)
  • Until updates can be deployed, Siemens advises customers to mitigate the risk of their products by implementing the following: Always run WinCC server and engineering stations within a trusted network. Ensure that the WinCC server and the engineering workstations communicate through encrypted channels only (e.g., activate feature “Encrypted Communications” in WinCC V7.3, or establish a VPN tunnel). Restrict access to the WinCC server to trusted entities. Apply up-to-date application whitelisting software and virus scanners.
  • As a general security measure, Siemens strongly recommends protecting network access to the SIMATIC WinCC server with appropriate mechanisms. It is also advised to follow recommended security practices and to configure the environment according to operational guidelines in order to run the devices in a protected IT environment.
  • For more information on these vulnerabilities and detailed instructions, please see Siemens Security Advisory SSA-134508 at the following location: (http://www.siemens.com/cert/advisories)

Affected Vendors

Siemens

Affected Products (7)

Siemens · SIMATIC WinCC V7.0 SP3 and prior vers:all/*
Siemens · SIMATIC WinCC V7.2 <V7.2_Update_9
Siemens · SIMATIC WinCC V7.3 <V7.3_Update_2
Siemens · SIMATIC PCS 7 V7.1 SP4 and prior vers:all/*
Siemens · SIMATIC PCS 7 V8.0 <V8.0_SP2_with_WinCC_V7.2_Update_9
Siemens · SIMATIC PCS 7 V8.1 <with_WinCC_V7.3_Update_2
Siemens · TIA Portal V13 (including WinCC Professional Runtime) <V13_Update_6

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more