SINUMERIK ONE virtual: All versions prior to v6.14.SINEMA Server: All versions prior to v14 SP3.SIMATIC WinCC v7.5: All versions prior to v7.5 SP1 Update 3.SIMATIC WinCC v7.4: All versions prior to v7.4 SP1 Update 14.SIMATIC WinCC Runtime Professional v16: All versions prior to v16 Update 2.SIMATIC WinCC Runtime Professional v15: All versions prior to v15.1 Update 5.SIMATIC WinCC Runtime Professional v14: All versions.SIMATIC WinCC Runtime Professional v13: All versions prior to v13 SP2 Update 4.SIMATIC WinCC Runtime Advanced: All versions prior to v16 Update 2.SIMATIC WinCC OA v3.17: All versions prior to P003.SIMATIC WinCC OA v3.16: All versions prior to P018.SIMATIC STEP 7 (TIA Portal) v16: All versions prior to v16 Update 2.SIMATIC STEP 7 (TIA Portal) v15: All versions prior to v15.1 Update 5.SIMATIC WinCC Runtime Professional v14: All versions prior to v14 SP1 Update 10.SIMATIC STEP 7 (TIA Portal) v14: All versions prior to v14 SP1 Update 10.SIMATIC STEP 7 (TIA Portal) v13: All versions prior to SP2 Update 4.SIMATIC STEP 7: All versions prior to v5.6 SP2 HF3.SINAMICS STARTER: All versions prior to v5.4 HF2.SIMATIC S7-1500 Software Controller: All versions prior to v21.8.SIMATIC PCS neo: All versions prior to v3.0 SP1.SIMATIC NET PC software: All versions after v16 and prior to v16 Upd3.The following Siemens products are affected: Successful exploitation of this vulnerability could allow authorized local users with administrative privileges to execute custom code with SYSTEM level privileges. This updated advisory is a follow-up to the advisory update titled ICSA-20-161-04 Siemens SIMATIC, SINAMICS, SINEC, SINEMA, SINUMERIK (Update G) that was published June 8, 2021, to the ICS webpage on.
Vulnerability: Unquoted Search Path or Element.Equipment: SIMATIC, SINAMICS, SINEC, SINEMA, SINUMERIK.
0 kommentar(er)
