CVE-2024-52051

CWE-20 — Improper Input Validation3 documents3 sources

Severity

7.0HIGH

EPSS

0.1%

top 83.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Simatic S7-plcsim V17 Siemens Simatic S7-plcsim V18 Siemens Simatic Step 7 Safety V17 +31 more

Timeline

PublishedDec 10

Description

A vulnerability has been identified in SIMATIC S7-PLCSIM V17 (All versions), SIMATIC S7-PLCSIM V18 (All versions), SIMATIC STEP 7 Safety V17 (All versions < V17 Update 9), SIMATIC STEP 7 Safety V18 (All versions), SIMATIC STEP 7 Safety V19 (All versions < V19 Update 4), SIMATIC STEP 7 V17 (All versions < V17 Update 9), SIMATIC STEP 7 V18 (All versions), SIMATIC STEP 7 V19 (All versions < V19 Update 4), SIMATIC WinCC Unified PC Runtime V18 (All versions), SIMATIC WinCC Unified PC Runtime V19 (All…

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages34 packages

▶CVEListV5siemens/simatic_wincc_unified_pc_runtime_v18< *

▶CVEListV5siemens/simatic_wincc_unified_pc_runtime_v19< V19 Update 4

▶CVEListV5siemens/simatic_wincc_unified_v17< V17 Update 9

▶CVEListV5siemens/simatic_wincc_unified_v18< *

▶CVEListV5siemens/simatic_wincc_unified_v19< V19 Update 4

🔴Vulnerability Details

GHSA

GHSA-x2qg-388q-986c: A vulnerability has been identified in SIMATIC S7-PLCSIM V17 (All versions), SIMATIC S7-PLCSIM V18 (All versions), SIMATIC STEP 7 Safety V17 (All vers↗2024-12-10

▶

CVEList

CVE-2024-52051: A vulnerability has been identified in SIMATIC S7-PLCSIM V17 (All versions), SIMATIC S7-PLCSIM V18 (All versions), SIMATIC STEP 7 Safety V17 (All vers↗2024-12-10

▶