ICSA-20-196-05
·
Published 2022-08-09
·
View on CISA ICS-CERT ↗
Siemens UMC Stack (Update H)
CVSS 6.7
MEDIUM
CVEs (3)
Remediations
- Have the software running on systems within trusted networks
- CVE-2020-7581: Make sure that there is no executable at the following locations: C:\Program.exe, C:\Program Files\Common.exe, or C:\Program Files\Common Files\Siemens\Automation\Simatic.exe
- Currently no fix is planned
- Update to V16 Update 2 or later version
- Update to V3.0 SP1 or later version. To obtain SIMATIC PCS neo contact your local support.
- Update to V15.1 Update 5 or later version
- Update to V3.2 or later version
- Update to V8.1 or later version
- Update to V11.3 or later version
- Update to V3.3 or later version
- Update to V15 Update 4 or later version
- Update to V16 Update 1 or later version
- Update to V15 Update 3 or later version
- Update to V2.6 or later version
- Update to V8.0 or later version
Affected Vendors
Siemens
Affected Products (16)
Siemens
·
Opcenter Execution Discrete
<V3.2
Siemens
·
Opcenter Execution Foundation
<V3.2
Siemens
·
Opcenter Execution Process
<V3.2
Siemens
·
Opcenter Intelligence
<V3.3
Siemens
·
Opcenter Quality
<V11.3
Siemens
·
Opcenter RD&L
V8.0
Siemens
·
SIMATIC IT LMS
<V2.6
Siemens
·
SIMATIC IT Production Suite
<V8.0
Siemens
·
SIMATIC Notifier Server for Windows
vers:all/*
Siemens
·
SIMATIC PCS neo
<V3.0_SP1
Siemens
·
SIMATIC STEP 7 (TIA Portal) V15
<V15.1_Update_5
Siemens
·
SIMATIC STEP 7 (TIA Portal) V16
<V16_Update_2
Siemens
·
SIMOCODE ES V15.1
<V15.1_Update_4
Siemens
·
SIMOCODE ES V16
<V16_Update_1
Siemens
·
Soft Starter ES V15.1
<V15.1_Update_3
Siemens
·
Soft Starter ES V16
<V16_Update_1
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more