Siemens SIMATIC WinCC and PCS

CVSS 6.3 MEDIUM

CVEs (2)

CVE-2021-40360 CVE-2021-40363

Currently no fix is planned
Update to V16 Update 5 or later version
Update to V17 Update 2 or later version
Update to V7.4 SP1 Update 19 or later version
Update to V7.5 SP2 Update 6 or later version
Install SIMATIC WinCC V7.4 SP1 Update 19 or later version
Update to V9.0 SP3 UpdateCollection04 or later version
Update to V9.1 SP1 or later version
Update to V15 SP1 Update 7 or later version
CVE-2021-40363: Harden the application's host to prevent local access by untrusted personnel
Update to V17 Update 4 or later version

Siemens

Siemens · SIMATIC PCS 7 V8.2 vers:all/*

Siemens · SIMATIC PCS 7 V9.0 vers:all/*

Siemens · SIMATIC PCS 7 V9.1 <V9.1_SP1

Siemens · SIMATIC WinCC V15 and earlier <V15_SP1_Update_7

Siemens · SIMATIC WinCC V16 <V16_Update_5

Siemens · SIMATIC WinCC V17 <V17_Update_2

Siemens · SIMATIC WinCC V17 >=V17_Update_2_<V17_Update_4

Siemens · SIMATIC WinCC V7.4 <V7.4_SP1_Update_19

Siemens · SIMATIC WinCC V7.5 <V7.5_SP2_Update_6

Multiple

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.