ICSA-22-132-12
·
Published 2025-05-06
·
View on CISA ICS-CERT ↗
Siemens Industrial Products
CVSS 7.5
HIGH
CVEs (1)
Remediations
- Deactivate the OPC LDS Service if supported by the product use case. The LDS service is not activated in the default configuration
- Use VPN for protecting network communication between cells
- Currently no fix is planned
- Update to V14 SP1 Update 14 or later version
- Update to V18 or later version
- Update to V18 Update 1 or later version
- Update to V3.1.1 or later version
- Update to V8.0 or later version
- Update to V16 Update 6 or later version
- Update to V2020 SP1 or later version
- For PCS neo: Update to PCS neo V3.1 SP1 ( https://support.industry.siemens.com/cs/ww/de/view/109807752/)
- For PCS 7: Update to PCS 7 V9.1 SP1 ( https://support.industry.siemens.com/cs/ww/en/view/109805073/)
- For WinCC: contact local support
- Update to V17 SP1 or later version
Affected Vendors
Siemens
Affected Products (10)
Siemens
·
OpenPCS 7 V9.1
vers:all/*
Siemens
·
SIMATIC NET PC Software V14
<V14_SP1_Update_14
Siemens
·
SIMATIC NET PC Software V15
vers:all/*
Siemens
·
SIMATIC NET PC Software V16
<V16_Update_6
Siemens
·
SIMATIC NET PC Software V17
<V17_SP1
Siemens
·
SIMATIC Process Historian OPC UA Server
<V2020_SP1
Siemens
·
SIMATIC WinCC
<V8.0
Siemens
·
SIMATIC WinCC Runtime Professional
<V18
Siemens
·
SIMATIC WinCC Unified PC Runtime V18
<V18_Update_1
Siemens
·
TeleControl Server Basic V3
<V3.1.1
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more