← Back to home
ICSA-23-166-05  ·  Published 2023-06-13  ·  View on CISA ICS-CERT ↗

Siemens SIMATIC WinCC

CVSS 3.9 LOW

CVEs (1)

Remediations

  • Disable the legacy OPC DA/HDA/AE services and switch to OPC UA, if possible
  • Ensure that only trusted users are part of the SIMATIC HMI group
  • Currently no fix is planned
  • Update to V8.0 or later version
  • SINATIC NET PC Software: Ensure that only trusted users are part of the SIMATIC Net group

Affected Vendors

Siemens

Affected Products (7)

Siemens · SIMATIC NET PC Software V14 vers:all/*
Siemens · SIMATIC NET PC Software V15 vers:all/*
Siemens · SIMATIC PCS 7 V8.2 vers:all/*
Siemens · SIMATIC PCS 7 V9.0 vers:all/*
Siemens · SIMATIC PCS 7 V9.1 vers:all/*
Siemens · SIMATIC WinCC vers:all/<V8.0
Siemens · SINAUT Software ST7sc vers:all/*

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more