Siemens Simatic Wincc V7.4 vulnerabilities

15 known vulnerabilities affecting siemens/simatic_wincc_v7.4.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL2HIGH11MEDIUM2

Vulnerabilities

Page 1 of 1

CVE-2024-35783CRITICALCVSS 9.4fixed in *2024-09-10

CVE-2024-35783 [CRITICAL] CWE-250 CVE-2024-35783: A vulnerability has been identified in SIMATIC BATCH V9.1 (All versions), SIMATIC Information Server A vulnerability has been identified in SIMATIC BATCH V9.1 (All versions), SIMATIC Information Server 2020 (All versions < V2020 SP2 Update 5), SIMATIC Information Server 2022 (All versions < V2022 SP1 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC06), SIMATIC Process Historian 2020 (All versions < V2020 SP2 Update 5), SIMATIC Process Hi

cvelistv5nvd

CVE-2024-30321HIGHCVSS 8.2fixed in V7.4 SP1 Update 232024-07-09

CVE-2024-30321 [HIGH] CWE-359 CVE-2024-30321: A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Wi A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 5), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 23), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 17), SIMATIC Win

cvelistv5nvd

CVE-2023-46280HIGHCVSS 8.2fixed in *2024-05-14

CVE-2023-46280 [HIGH] CWE-125 CVE-2023-46280: A vulnerability has been identified in Security Configuration Tool (SCT) (All versions), SIMATIC Aut A vulnerability has been identified in Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions < V5.0 SP2), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions < V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions < V18 SP1), SIMAT

cvelistv5nvd

CVE-2023-48363HIGHCVSS 7.1fixed in *2024-02-13

CVE-2023-48363 [HIGH] CWE-476 CVE-2023-48363: A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V1

cvelistv5nvd

CVE-2023-48364HIGHCVSS 7.1fixed in *2024-02-13

CVE-2023-48364 [HIGH] CWE-476 CVE-2023-48364: A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V1

cvelistv5nvd

CVE-2023-28831HIGHCVSS 8.7fixed in *2023-09-12

CVE-2023-28831 [HIGH] CWE-190 CVE-2023-28831: The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnera The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.

cvelistv5nvd

CVE-2022-24287HIGHCVSS 7.8vAll versions < V7.4 SP1 Update 212022-05-20

CVE-2022-24287 [HIGH] CWE-1188 CVE-2022-24287: A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All ve A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC06), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1 UC01), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Upd4), SIMATIC WinCC V7.3 (All versions), SIMATIC

cvelistv5nvd

CVE-2021-40363HIGHCVSS 7.8vAll versions < V7.4 SP1 Update 192022-02-09

CVE-2021-40363 [HIGH] CWE-538 CVE-2021-40363: A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All ve A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V17 (All versions <=

cvelistv5nvd

CVE-2021-40360HIGHCVSS 8.8vAll versions < V7.4 SP1 Update 192022-02-09

CVE-2021-40360 [HIGH] CWE-200 CVE-2021-40360: A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All ve A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions <

cvelistv5nvd

CVE-2021-40358CRITICALCVSS 9.8vAll versions < V7.4 SP1 Update 192021-11-09

CVE-2021-40358 [CRITICAL] CWE-22 CVE-2021-40358: A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All ve A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7

cvelistv5nvd

CVE-2021-40359HIGHCVSS 7.5vAll versions < V7.4 SP1 Update 192021-11-09

CVE-2021-40359 [HIGH] CWE-22 CVE-2021-40359: A vulnerability has been identified in OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < A vulnerability has been identified in OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd4), OpenPCS 7 V9.1 (All versions), SIMATIC BATCH V8.2 (All versions), SIMATIC BATCH V9.0 (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC So

cvelistv5nvd

CVE-2021-40364MEDIUMCVSS 5.5vAll versions < V7.4 SP1 Update 192021-11-09

CVE-2021-40364 [MEDIUM] CWE-532 CVE-2021-40364: A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All ve A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.

cvelistv5nvd

CVE-2020-7580MEDIUMCVSS 6.7vAll versions < V7.4 SP1 Update 142020-06-10

CVE-2020-7580 [MEDIUM] CWE-428 CVE-2020-7580: A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Softwa

cvelistv5nvd

CVE-2019-19282HIGHCVSS 7.5vAll versions < V7.4 SP1 Update 142020-03-10

CVE-2019-19282 [HIGH] CWE-131 CVE-2019-19282: A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions < V8.2 Upd12), SIMATIC BATCH V9.0 (All versions < V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET

cvelistv5nvd

CVE-2018-4832HIGHCVSS 7.5vAll versions < V7.4 SP1 Upd 42018-04-24

CVE-2018-4832 [HIGH] CWE-20 CVE-2018-4832: A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (Al A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions < V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All ver

cvelistv5nvd