← Back to home
ICSA-17-045-03  ·  Published 2018-06-12  ·  View on CISA ICS-CERT ↗

ICSA-17-045-03 Siemens SIMATIC Authentication Bypass (Update D)

CVSS 9.0 CRITICAL

CVEs (1)

Remediations

  • Update to V1.5 SP3 Update 2 - Download: https://support.industry.siemens.com/cs/ww/en/view/109744966
  • Install SIMATIC Logon update (can be installed without WinCC update, see compatibility note on download page) - Download: https://support.industry.siemens.com/cs/ww/en/view/109744966
  • Install SIMATIC Logon update (can be installed without WinCC Runtime Professional update, see compatibility note on download page) - Download: https://support.industry.siemens.com/cs/ww/en/view/109744966
  • Install SIMATIC Logon update (can be installed without PCS 7 update, see compatibility note on download page) - Download: https://support.industry.siemens.com/cs/ww/en/view/109744966
  • Install SIMATIC Logon update (can be installed without PDM update, see compatibility note on download page) - Download: https://support.industry.siemens.com/cs/ww/en/view/109744966
  • Install SIMATIC Logon update (can be installed without IT Production Suite update, see compatibility note on download page) - Download: https://support.industry.siemens.com/cs/ww/en/view/109744966

Affected Vendors

Siemens

Affected Products (6)

Siemens · SIMATIC Logon <V1.5_SP3_Update_2
Siemens · SIMATIC WinCC <V7.4_SP1
Siemens · SIMATIC WinCC Runtime Professional <V14_SP1
Siemens · SIMATIC PCS 7 <V8.2_SP1
Siemens · SIMATIC PDM <V9.1
Siemens · SIMATIC IT Production Suite <V7.1

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more