RSS   Vulnerabilities for 'Simatic pcs 7'   RSS

2018-04-24
 
CVE-2018-4832

CWE-20
 

 
A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions < V8.2 SP1), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions < SIMATIC BATCH V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions < SIMATIC BATCH V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions < V8.2 SP1), SIMATIC BATCH V9.0 (All versions < V9.0 SP1), SIMATIC NET PC-Software (All versions), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions < V8.2 SP1), SIMATIC Route Control V9.0 (All versions < V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd4). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality.

 
2016-12-16
 
CVE-2016-9160

 

 
A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions.

 
2016-11-15
 
CVE-2016-7165

CWE-284
 

 
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path ("C:\Program Files\*" or the localized equivalent).

 
2014-11-26
 
CVE-2014-8552

CWE-200
 

 
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets.

 
 
CVE-2014-8551

CWE-94
 

 
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets.

 
2010-07-22
 
CVE-2010-2772

CWE-255
 

 
Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568.

 

 >>> Vendor: Siemens 363 Products
Reliant unix
Hinet lp
3568i wap
M45
S45
S55
Santis 50
Speedstream wireless router
Gigaset se361 wlan router
Speedstream 6520
Speedstream 5200
Gigaset wlan camera
Gigaset c450 ip
Gigaset c475 ip
Gigaset se461 wimax router
Simatic pcs 7
Simatic wincc
Simatic wincc flexible runtime
Simatic wincc runtime
Tecnomatix factorylink
Simatic hmi panels
Wincc
Wincc flexible
Wincc flexible runtime
Wincc runtime advanced
Automation license manager
Scalance s firmware
Scalance s602
Scalance s612
Scalance s613
Scalance x-300 firmware
Scalance x-300eec firmware
Scalance x308-2m firmware
Scalance x414-3e firmware
Scalance xr-300 firmware
Scalance x-300
Scalance x-300eec
Scalance x308-2m
Scalance x414-3e
Scalance xr-300
Simatic pcs7
Simatic step 7
Simatic s7-400 cpu 412-2 pn
Simatic s7-400 cpu 414-3 pn/dp
Simatic s7-400 cpu 414f-3 pn/dp
Simatic s7-400 cpu 416-3 pn/dp
Simatic s7-400 cpu 416f-3 pn/dp
Simatic s7-400 cpu firmware
Synco ozw web server
Synco ozw web server firmware
Comos
Simatic s7-1200 plc
Sipass integrated
Processsuite
ROS
Rox i os
Rox ii os
Ruggedmax os
Simatic rf-manager
Simatic rf-manager 2008
Wincc tia portal
Scalance x204irt
Scalance x202-2irt
Scalance x202-2p irt
Scalance x201-3p irt
Scalance x200-4p irt
Scalance xf204irt
Scalance x200irt firmware
Openscape session border controller
Enterprise openscape branch
Scalance w744-1
Scalance w744-1pro
Scalance w746-1
Scalance w746-1pro
Scalance w747-1
Scalance w747-1rr
Scalance w784-1
Scalance w784-1rr
Scalance w786-1pro
Scalance w786-2pro
Scalance w786-2rr
Scalance w786-3pro
Scalance w788-1pro
Scalance w788-1rr
Scalance w788-2pro
Scalance w788-2rr
Scalance w700 series firmware
Scalance x-200
Scalance x-200rna
Scalance xf-200
Scalance x-200 series firmware
Sinamics g110
Sinamics g110d
Sinamics g120
Sinamics g120c
Sinamics g120d
Sinamics g120p
Sinamics g130
Sinamics g150
Sinamics g180
See all Products for Vendor Siemens


Copyright 2019, cxsecurity.com

 

Back to Top