CVE-2023-46280
published 2024-05-14CVE-2023-46280: A vulnerability has been identified in Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions < V5.0 SP2), SIMATIC BATCH V9.1…
high8.2CVSS 4.0
AVLACLATNPRLUINVCNVINVAHSCNSINSAHEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability has been identified in Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions < V5.0 SP2), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions < V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions < V18 SP1), SIMATIC NET PC Software V19 (All versions < V19 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PDM V9.2 (All versions < V9.2 SP2 Upd3), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 Upd3), SIMATIC S7-PCT (All versions < V3.5 SP3 Update 6), SIMATIC STEP 7 V5 (All versions < V5.7 SP3), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions < V3.18 P025), SIMATIC WinCC OA V3.19 (All versions < V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5), SINAMICS Startdrive (All versions < V19 SP1), SINEC NMS (All versions < V3.0), SINEC NMS (All versions < V3.0 SP1), SINUMERIK ONE virtual (All versions < V6.23), SINUMERIK PLC Programming Tool (All versions < V3.3.12), TIA Portal Cloud Connector (All versions < V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 2). The affected applications contain an out of b
Affected
34 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | security_configuration_tool | < * | * |
| siemens | simatic_automation_tool | < V5.0 SP2 | V5.0 SP2 |
| siemens | simatic_batch_v9.1 | < V9.1 SP2 Upd5 | V9.1 SP2 Upd5 |
| siemens | simatic_net_pc_software_v16 | < V16 Update 8 | V16 Update 8 |
| siemens | simatic_net_pc_software_v17 | < * | * |
| siemens | simatic_net_pc_software_v18 | < V18 SP1 | V18 SP1 |
| siemens | simatic_net_pc_software_v19 | < V19 Update 2 | V19 Update 2 |
| siemens | simatic_pcs_7_v9.1 | < V9.1 SP2 UC05 | V9.1 SP2 UC05 |
| siemens | simatic_pdm_v9.2 | < V9.2 SP2 Upd3 | V9.2 SP2 Upd3 |
| siemens | simatic_route_control_v9.1 | < V9.1 SP2 Upd3 | V9.1 SP2 Upd3 |
| siemens | simatic_s7-pct | < V3.5 SP3 Update 6 | V3.5 SP3 Update 6 |
| siemens | simatic_step_7_v5 | < V5.7 SP3 | V5.7 SP3 |
| siemens | simatic_wincc_oa_v3.17 | < * | * |
| siemens | simatic_wincc_oa_v3.18 | < V3.18 P025 | V3.18 P025 |
| siemens | simatic_wincc_oa_v3.19 | < V3.19 P010 | V3.19 P010 |
| siemens | simatic_wincc_runtime_advanced | < V17 Update 8 | V17 Update 8 |
| siemens | simatic_wincc_runtime_professional_v16 | < V16 Update 6 | V16 Update 6 |
| siemens | simatic_wincc_runtime_professional_v17 | < V17 Update 8 | V17 Update 8 |
| siemens | simatic_wincc_runtime_professional_v18 | < V18 Update 4 | V18 Update 4 |
| siemens | simatic_wincc_runtime_professional_v19 | < V19 Update 2 | V19 Update 2 |
| siemens | simatic_wincc_v7.4 | < * | * |
| siemens | simatic_wincc_v7.5 | < V7.5 SP2 Update 17 | V7.5 SP2 Update 17 |
| siemens | simatic_wincc_v8.0 | < V8.0 Update 5 | V8.0 Update 5 |
| siemens | sinamics_startdrive | < V19 SP1 | V19 SP1 |
| siemens | sinec_nms | < V3.0 | V3.0 |