← Back to home
ICSA-22-132-06  ·  Published 2023-11-14  ·  View on CISA ICS-CERT ↗

Siemens SIMATIC WinCC

CVSS 7.8 HIGH

CVEs (1)

Remediations

  • At least one default printer (but not a file based printer, as e.g. PDF/XPS printer) should be installed on the affected system
  • No file based printer, as e.g. PDF/XPS printers, should be installed on the affected system
  • Harden the application’s host to prevent local access by untrusted personnel
  • Update SIMATIC WinCC to V7.5 SP2 Update 8 or later version
  • Currently no fix is planned
  • Update to V7.4 SP1 Update 21 or later version
  • Update to V7.5 SP2 Update 8 or later version
  • Update to V9.0 SP3 UC06 or later version
  • Update SIMATIC WinCC to V7.4 SP 1 Update 21 or later version
  • Update to V9.1 SP1 UC01 or later version
  • Update to V17 Upd4 or later version

Affected Vendors

Siemens

Affected Products (8)

Siemens · SIMATIC PCS 7 V8.2 vers:all/*
Siemens · SIMATIC PCS 7 V9.0 <V9.0_SP3_UC06
Siemens · SIMATIC PCS 7 V9.1 <V9.1_SP1_UC01
Siemens · SIMATIC WinCC Runtime Professional V16 and earlier vers:all/*
Siemens · SIMATIC WinCC Runtime Professional V17 <V17_Upd4
Siemens · SIMATIC WinCC V7.3 vers:all/*
Siemens · SIMATIC WinCC V7.4 <V7.4_SP1_Update_21
Siemens · SIMATIC WinCC V7.5 <V7.5_SP2_Update_8

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more