Known vulnerabilities in Siemens SIMATIC PCS 7

Vendor: Siemens

Website: https://www.siemens.com/

Total Security Bulletins: 23

Security bulletins (23)

Secuity bulletin	Severity	Status	Published
SB2024091119: Execution with unnecessary privileges in Siemens SIMATIC SCADA and PCS 7 systems	Low	Patched	11.09.2024
SB2024071240: Information disclosure in Siemens SIMATIC WinCC	Medium	Patched	12.07.2024
SB2024041145: Denial of service in Siemens SIMATIC WinCC	Low	Patched	11.04.2024
SB2024022016: Multiple vulnerabilities in Siemens SIMATIC WinCC	Low	Patched	20.02.2024
SB2023061509: Remote code execution in Siemens SIMATIC STEP 7, SIMATIC PCS 7 and SIMATIC S7-PM	Medium	Patched	15.06.2023
SB2023061441: Use of Obsolete Function in Siemens SIMATIC WinCC, SIMATIC NET PC, SIMATIC PCS and SINAUT Software ST7sc	Low	Patched	14.06.2023
SB2022051718: Missing initialization of resource in Siemens SIMATIC WinCC	Low	Patched	17.05.2022
SB2022021107: Information disclosure in Siemens SIMATIC WinCC and SIMATIC PCS 7	Low	Patched	11.02.2022
SB2022021106: File and Directory Information Exposure in Siemens SIMATIC WinCC and SIMATIC PCS 7	Low	Patched	11.02.2022
SB2021111815: Multiple vulnerabilities in Siemens SIMATIC WinCC and SIMATIC PCS	Medium	Patched	18.11.2021
SB2021071421: Incorrect permission assignment for critical resource in Siemens SIMATIC Software Products	Low	Patched	14.07.2021
SB2021071420: Remote code execution in Siemens SIMATIC Software Products	Medium	Patched	14.07.2021
SB2021021127: Improper Authentication in Siemens SIMATIC WinCC and PCS 7	Low	Patched	11.02.2021
SB2020061031: Multiple vulnerabilities in Siemens SIMATIC, SINAMICS, SINEC, SINEMA and SINUMERIK	Low	Patched	10.06.2020
SB2020021208: Denial of service in Siemens SIMATIC PCS 7, SIMATIC WinCC, and SIMATIC NET PC	Medium	Patched	12.02.2020
SB2019071205: Arbitrary file upload in Siemens SIMATIC WinCC Professional	Medium	Patched	12.07.2019
SB2019051415: Improper access control in Siemens SIMATIC WinCC	High	Not patched	14.05.2019
SB2018040201: Denial of service in Siemens SIMATIC Software	Low	Patched	02.04.2018
SB2017110303: Denial of service in Siemens SIMATIC PCS 7	Low	Patched	03.11.2017
SB2017090106: Information disclosure in Siemens industrial products	Low	Patched	01.09.2017
SB2014121901: Two vulnerabilities in Siemens SIMATIC WinCC	Critical	Patched Exploited	19.12.2014
SB2012072401: Insecure DLL loading in SIMATIC STEP 7 and PCS 7	Critical	Patched Exploited	24.07.2012
SB2010072103: Hardcoded credentials in Siemens SIMATIC WinCC and PSC 7 SCADA systems	High	Patched Exploited	21.07.2010