ICSA-24-102-08
·
Published 2025-09-09
·
View on CISA ICS-CERT ↗
Siemens OPC Foundation Local Discovery Server Affecting Siemens Products
CVSS 7.8
HIGH
CVEs (1)
Remediations
- Update the underlying OPC Foundation Unified Architecture Local Discovery Server (UA-LDS) to [V1.04.405](https://opcfoundation.org/developer-tools/samples-and-tools-unified-architecture/local-discovery-server-lds/) or later if possible
- Currently no fix is planned
- Update to V16 Update 8 or later version
- Update to V17 SP1 Update 1 or later version
- Update to V18 Update 1 or later version
- Update to V18 Update 2 or later version
- Update to V18.0 SP1 Update 1 or later version
- Update to V3.1.2 or later version
- Update to V8.0 or later version
- In the context of SIMATIC PCS neo, update to SIMATIC PCS neo V4.1 or later version
Affected Vendors
Siemens
Affected Products (12)
Siemens
·
OpenPCS 7 V9.1
vers:all/*
Siemens
·
SIMATIC NET PC Software V14
vers:all/*
Siemens
·
SIMATIC NET PC Software V15
vers:all/*
Siemens
·
SIMATIC NET PC Software V16
<V16_Update_8
Siemens
·
SIMATIC NET PC Software V17
<V17_SP1_Update_1
Siemens
·
SIMATIC NET PC Software V18
<V18_Update_1
Siemens
·
SIMATIC Process Historian 2020 OPC UA Server
vers:all/*
Siemens
·
SIMATIC Process Historian 2022 OPC UA Server
<V2022_SP1
Siemens
·
SIMATIC WinCC
vers:intdot/<8.0
Siemens
·
SIMATIC WinCC Runtime Professional
<V18_Update_2
Siemens
·
SIMATIC WinCC Unified PC Runtime V18
<V18.0_SP1_Update_1
Siemens
·
TeleControl Server Basic V3
vers:intdot/<3.1.2
Affected Sectors
Energy, Transportation Systems, Water and Wastewater Systems
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more