Microsoft · Activex · CVE-2016-9160
**Name of the Vulnerable Software and Affected Versions**
SIEMENS SIMATIC WinCC versions prior to 7.2
SIEMENS SIMATIC PCS 7 versions prior to 8.0 SP1
**Description**
A remote attacker could crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions.
**Recommendations**
For SIEMENS SIMATIC WinCC versions prior to 7.2, update to version 7.2 or later.
For SIEMENS SIMATIC PCS 7 versions prior to 8.0 SP1, update to version 8.0 SP1 or later.