Total vulnerabilities in the database
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets.
| Software | From | Fixed in |
|---|---|---|
| siemens / simatic_tiaportal | 13.0 | 13.0.x |
| siemens / simatic_wincc | 7.2-1 | 7.2-1.x |
| siemens / simatic_pcs7 | 8.0-sp1 | 8.0-sp1.x |
| siemens / simatic_pcs7 | 7.1-sp4 | 7.1-sp4.x |
| siemens / simatic_wincc | 7.2-6 | 7.2-6.x |
| siemens / simatic_wincc | 7.2-3 | 7.2-3.x |
| siemens / simatic_pcs7 | 7.1-sp3 | 7.1-sp3.x |
| siemens / simatic_pcs_7 | 7.1-sp1 | 7.1-sp1.x |
| siemens / simatic_wincc | 7.2-8 | 7.2-8.x |
| siemens / simatic_wincc | 7.0 | 7.0.x |
| siemens / simatic_pcs7 | 8.1 | 8.1.x |
| siemens / simatic_pcs7 | 8.0-sp2 | 8.0-sp2.x |
| siemens / simatic_tiaportal | 13.0-5 | 13.0-5.x |
| siemens / simatic_wincc | 7.0-sp2 | 7.0-sp2.x |
| siemens / simatic_wincc | 7.0-sp1 | 7.0-sp1.x |
| siemens / simatic_wincc | 7.2-2 | 7.2-2.x |
| siemens / simatic_wincc | 7.0-sp3 | 7.0-sp3.x |
| siemens / simatic_wincc | 7.2-7 | 7.2-7.x |
| siemens / simatic_wincc | 7.2-5 | 7.2-5.x |
| siemens / simatic_wincc | 7.3-1 | 7.3-1.x |
| siemens / simatic_tiaportal | 13.0-3 | 13.0-3.x |
| siemens / simatic_wincc | 7.2-4 | 7.2-4.x |