ICSA-20-161-05
·
Published 2025-05-06
·
View on CISA ICS-CERT ↗
Siemens SIMATIC, SINAMICS (Update C)
CVSS 7.8
HIGH
CVEs (2)
Remediations
- See recommendations from section Workarounds and Mitigations or upgrade to a newer SIMATIC PCS 7 version
- Update to V9.0 SP3 or later version
- Update to V9.2 or later version
- Update to V5.6 SP2 HF3 or later version
- Update to V5.4 HF2 or later version
- Restrict access to project files on the engineering station to trusted users.
- Only use project files from trusted sources.
Affected Vendors
Siemens
Affected Products (5)
Siemens
·
SIMATIC PCS 7 V8.2 and earlier
vers:all/*
Siemens
·
SIMATIC PCS 7 V9.0
<V9.0_SP3
Siemens
·
SIMATIC PDM
<V9.2
Siemens
·
SIMATIC STEP 7 V5.X
<V5.6_SP2_HF3
Siemens
·
SINAMICS STARTER (containing STEP 7 OEM version)
<V5.4_HF2
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more