PT-2016-6668 · Siemens · Simatic Wincc+3
Publicado
2016-07-22
·
Atualizado
2016-11-28
·
CVE-2016-5743
CVSS v2.0
10
Crítica
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Siemens SIMATIC WinCC versions prior to 7.3 Update 10
Siemens SIMATIC WinCC versions prior to 7.4 Update 1
Siemens SIMATIC BATCH versions prior to 8.1 SP1 Update 9
Siemens SIMATIC OpenPCS 7 versions prior to 8.1 Update 3
Siemens SIMATIC OpenPCS 7 versions prior to 8.2 Update 1
Siemens SIMATIC WinCC Runtime Professional versions prior to 13 SP1 Update 9
Description
The issue allows remote attackers to execute arbitrary code via crafted packets.
Recommendations
For Siemens SIMATIC WinCC versions prior to 7.3 Update 10, update to version 7.3 Update 10 or later.
For Siemens SIMATIC WinCC versions prior to 7.4 Update 1, update to version 7.4 Update 1 or later.
For Siemens SIMATIC BATCH versions prior to 8.1 SP1 Update 9, update to version 8.1 SP1 Update 9 or later.
For Siemens SIMATIC OpenPCS 7 versions prior to 8.1 Update 3, update to version 8.1 Update 3 or later.
For Siemens SIMATIC OpenPCS 7 versions prior to 8.2 Update 1, update to version 8.2 Update 1 or later.
For Siemens SIMATIC WinCC Runtime Professional versions prior to 13 SP1 Update 9, update to version 13 SP1 Update 9 or later.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Simatic Batch
Simatic Openpcs 7
Simatic Wincc
Simatic Wincc Runtime Professional