← Back to home
SIEMENS-SSA-931064  ·  Published 2018-06-12  ·  View on Siemens ProductCERT ↗

SSA-931064 (Last Update: 2018-06-12): Authentication Bypass in SIMATIC Logon

CVSS N/A MEDIUM

Risk Summary

<p>The latest update for SIMATIC Logon fixes a security vulnerability that could allow attackers to circumvent user authentication under certain conditions.</p> <p>SIMATIC WinCC, SIMATIC PCS 7, SIMATIC PDM, and SIMATIC IT Production Suite provide SIMATIC Logon as component of the product. Installing the SIMATIC Logon update fixes the vulnerability for all products mentioned below.</p>

Remediations

  • Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-931064 (Last Update: 2018-06-12): Authentication Bypass in SIMATIC Logon See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more