Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Simatic_wincc
(Siemens)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 30 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-07-11 | CVE-2019-10935 | A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (All versions), SIMATIC WinCC Professional (TIA Portal V14) (All versions < V14 SP1 Upd 9), SIMATIC WinCC Professional (TIA Portal V15) (All versions <... | Simatic_pcs_7, Simatic_wincc, Simatic_wincc_runtime | 7.2 | ||
2019-05-14 | CVE-2019-10922 | A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 and newer (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 and newer (All versions). An attacker with network access to affected installations, which are configured without "Encrypted Communication", can execute arbitrary code. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected installation. No... | Simatic_pcs_7, Simatic_wincc | 9.8 | ||
2017-05-11 | CVE-2017-6867 | A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the "administrators" group to crash services by sending specially crafted messages to the DCOM interface. | Simatic_wincc, Simatic_wincc_\(Tia_portal\), Simatic_wincc_runtime | 4.9 | ||
2017-05-11 | CVE-2017-6865 | A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC Automation Tool (All versions < V3.0), SIMATIC NET PC-Software (All versions < V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1), SIMATIC STEP 7 V5.X (All versions < V5.6), SIMATIC WinAC RTX 2010 SP2 (All versions), SIMATIC WinAC RTX F 2010... | Pcs_7, Primary_setup_tool, Security_configuration_tool, Simatic_automation_tool, Simatic_net_pc\-Software, Simatic_step_7_\(Tia_portal\), Simatic_step_7_micro\/win_smart, Simatic_winac_rtx_2010, Simatic_winac_rtx_f_2010, Simatic_wincc, Simatic_wincc_\(Tia_portal\), Simatic_wincc_flexible_2008, Sinaut_st7cc, Sinema_server, Sinumerik_808d_programming_tool, Smart_pc_access | 6.5 | ||
2016-12-17 | CVE-2016-9160 | A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions. | Simatic_pcs_7, Simatic_wincc | 8.1 | ||
2016-11-15 | CVE-2016-7165 | A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic,... | Primary_setup_tool, Security_configuration_tool, Simatic_it_production_suite, Simatic_net_pc_software, Simatic_pcs7, Simatic_pcs_7, Simatic_step_7, Simatic_step_7_\(Tia_portal\), Simatic_winac_rtx_2010, Simatic_winac_rtx_f_2010, Simatic_wincc, Simatic_wincc_\(Tia_portal\), Simatic_wincc_runtime, Simit, Sinema_remote_connect, Sinema_server, Softnet_security_client, Telecontrol_basic | 6.4 | ||
2016-07-22 | CVE-2016-5744 | Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote attackers to read arbitrary WinCC station files via crafted packets. | Simatic_wincc | 7.5 | ||
2016-07-22 | CVE-2016-5743 | Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets. | Simatic_batch, Simatic_openpcs_7, Simatic_wincc | 9.8 | ||
2014-11-26 | CVE-2014-8552 | The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets. | Simatic_pcs7, Simatic_pcs_7, Simatic_tiaportal, Simatic_wincc | N/A | ||
2014-11-26 | CVE-2014-8551 | The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets. | Simatic_pcs7, Simatic_pcs_7, Simatic_tiaportal, Simatic_wincc | N/A |