This security bulletin contains one high risk vulnerability.
Exploit availability: NoDescription
The vulnerability allows a remote attacker to gain unauthorized access to sensitive information.
The vulnerability exists due to improper access restrictions when installations have not “Encrypted Communication” configured. A remote unauthenticated attacker with network access may be able to execute arbitrary code.Mitigation
Siemens SIMATIC WinCC: 5.0 - v11
SIMATIC PCS 7: 6.1 - 9.0CPE2.3
Q & A
Can this vulnerability be exploited remotely?
How the attacker can exploit this vulnerability?
Is there known malware, which exploits this vulnerability?