ICSA-21-040-09
·
Published 2021-02-09
·
View on CISA ICS-CERT ↗
SIMATIC WinCC Graphics Designer
CVSS 6.2
MEDIUM
CVEs (1)
Remediations
- Tailor user privileges to each user's specific needs (need-to-know principle)
- Limit access to the affected products by implementing strict access control mechanisms
- Specific for PCS 7: The affected WinCC-feature is not officially supported and not used by PCS 7. We recommend not to use it and apply the measures described in SIMATIC PCS 7 Compendium Part F.
- The affected WinCC-feature is not officially supported and not used by PCS 7. We recommend not to use it and apply the measures described in SIMATIC PCS 7 Compendium Part F.
- Update to V7.5 SP2 or later version
Affected Vendors
Siemens
Affected Products (2)
Siemens
·
SIMATIC PCS 7
vers:all/*
Siemens
·
SIMATIC WinCC
<V7.5_SP2
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more