CVE-2024-35783

CWE-2503 documents3 sources

Severity

9.4CRITICAL

EPSS

0.2%

top 60.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Simatic Batch V9.1 Siemens Simatic Information Server 2020 Siemens Simatic Information Server 2022 +8 more

Timeline

PublishedSep 10

Description

A vulnerability has been identified in SIMATIC BATCH V9.1 (All versions), SIMATIC Information Server 2020 (All versions < V2020 SP2 Update 5), SIMATIC Information Server 2022 (All versions < V2022 SP1 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC06), SIMATIC Process Historian 2020 (All versions < V2020 SP2 Update 5), SIMATIC Process Historian 2022 (All versions < V2022 SP1 Update 2), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 5), SIMATIC WinCC Runtime Professio…

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Affected Packages11 packages

▶CVEListV5siemens/simatic_wincc_runtime_professional_v18< V18 Update 5

▶CVEListV5siemens/simatic_wincc_runtime_professional_v19< V19 Update 3

▶CVEListV5siemens/simatic_information_server_2020< V2020 SP2 Update 5

▶CVEListV5siemens/simatic_information_server_2022< V2022 SP1 Update 2

▶CVEListV5siemens/simatic_process_historian_2020< V2020 SP2 Update 5

🔴Vulnerability Details

GHSA

GHSA-h5rg-jpqm-g43g: A vulnerability has been identified in SIMATIC BATCH V9↗2024-09-10

▶

CVEList

CVE-2024-35783: A vulnerability has been identified in SIMATIC BATCH V9↗2024-09-10

▶