ICSA-23-166-08  ·  Published 2024-05-14

Siemens SIMATIC STEP 7 and Derived Products

CVSS 10.0 CRITICAL

CVEs (1)

Remediations

  • If multiple Engineering Systems are in use, limit remote access to port 2638/tcp to trusted systems only
  • If multiple Engineering Systems are in use, ensure that the user accounts in use are restricted to the minimum required operating rights
  • Or switch to "Single terminal system" (as described in the section Workarounds and Mitigations). Alternatively, consider migrating the STEP 7 project to the latest version of TIA Portal and uninstalling S7-PM
  • Update to V5.7 or later version
  • Update to V5.7 SP1 HF1 or later version
  • Update to V5.7 SP2 HF1 or later version
  • Update to V9.1 SP2 UC04 or later version
  • If only one Engineering System is in use, consider changing to "Single terminal system" mode in the "Configure SIMATIC Workspace/Workstation" application, under the "Workstation Configuration" tab. Restart the computer. More details can be found in the following FAQ: https://support.industry.siemens.com/cs/ww/en/view/109821340/

Affected Vendors

Siemens

Affected Products (4)

Siemens · SIMATIC PCS 7 <V9.1_SP2_UC04
Siemens · SIMATIC S7-PM <V5.7_SP1_HF1
Siemens · SIMATIC S7-PM <V5.7_SP2_HF1
Siemens · SIMATIC STEP 7 V5 <V5.7

Affected Sectors

Multiple
