CVE-2014-8552

Name of the Vulnerable Software and Affected Versions Siemens SIMATIC WinCC versions 7.0 through 7.0 SP3 Siemens SIMATIC WinCC versions 7.2 through 7.2 before Update 9 Siemens SIMATIC WinCC versions 7.3 through 7.3 before Update 2 Siemens SIMATIC PCS 7 versions 7.1 through 7.1 SP4 Siemens SIMATIC PCS 7 versions 8.0 through 8.0 SP2 Siemens SIMATIC PCS 7 version 8.1 Siemens TIA Portal versions 13 through 13 before Update 6

Description The issue allows remote attackers to read arbitrary files via crafted packets.

Recommendations For Siemens SIMATIC WinCC versions 7.0 through 7.0 SP3, update to a version after SP3. For Siemens SIMATIC WinCC versions 7.2 through 7.2 before Update 9, update to Update 9 or later. For Siemens SIMATIC WinCC versions 7.3 through 7.3 before Update 2, update to Update 2 or later. For Siemens SIMATIC PCS 7 versions 7.1 through 7.1 SP4, update to a version after SP4. For Siemens SIMATIC PCS 7 versions 8.0 through 8.0 SP2, update to a version after SP2. For Siemens SIMATIC PCS 7 version 8.1, apply the necessary patch or update. For Siemens TIA Portal versions 13 through 13 before Update 6, update to Update 6 or later.