Roman Ilyin

**Name of the Vulnerable Software and Affected Versions** Siemens SIMATIC WinCC (TIA Portal) versions prior to 13 SP1 Siemens SIMATIC WinCC flexible versions prior to 2008 SP3 Up7 **Description** The issue concerns the remote-management module in certain Siemens products, where credentials are not properly encrypted in transit. This makes it easier for remote attackers to determine cleartext credentials by sniffing the network and conducting a decryption attack. **Recommendations** For Siemens SIMATIC WinCC (TIA Portal) versions prior to 13 SP1, update to version 13 SP1 or later. For Siemens SIMATIC WinCC flexible versions prior to 2008 SP3 Up7, update to version 2008 SP3 Up7 or later.

**Name of the Vulnerable Software and Affected Versions** Siemens WinCC (TIA Portal) version 11 **Description** The issue allows remote authenticated users to cause a denial of service, resulting in a daemon crash, by sending a crafted HTTP request to the HMI web application. **Recommendations** For version 11, apply the necessary patch or update to fix the issue, or consider temporarily restricting access to the HMI web application to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Siemens WinCC (TIA Portal) version 11 **Description** The issue allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL. **Recommendations** For version 11, update to a version that fixes this issue, however, at the moment, there is no information about a newer version that contains a fix for this vulnerability.