Severity
Medium
Analysis Summary
Specially crafted messages sent to the RPC service of the affected products could cause a denial-of-service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality.
Impact
Denial of service
Affected Products
Siemens
SIMATIC PCS 7
SIMATIC WinCC
SIMATIC WinCC Runtime Professional
SIMATIC NET PC Software
Remediation
Siemens has released updates for several affected products and recommends users update to the new version.
https://support.industry.siemens.com/cs/ww/en/view/109761055
https://support.industry.siemens.com/cs/ww/en/view/109756847
https://support.industry.siemens.com/cs/ww/en/view/109756846
https://support.industry.siemens.com/cs/ww/en/view/109757796
https://support.industry.siemens.com/cs/ww/de/view/109762690
To obtain SIMATIC PCS 7 v8.2 SP1 contact local support.
To obtain SIMATIC PCS 7 v9.0 SP1 contact local support.
To obtain SIMATIC PCS 7 v8.2 SP1 contact local support.
https://support.industry.siemens.com/cs/ww/en/view/109759753
https://support.industry.siemens.com/cs/ww/en/view/109747394
SIMATIC WinCC v7.2 and earlier: Update to WinCC 7.2 Upd15:
https://support.industry.siemens.com/cs/ww/de/view/109762887
https://support.industry.siemens.com/cs/ww/en/view/109756123
https://support.industry.siemens.com/cs/ww/de/view/109762790