#VU58236 Path traversal in SIMATIC PCS 7 and Siemens SIMATIC WinCC


Published: 2021-11-18

Vulnerability identifier: #VU58236

Vulnerability risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-40359

CWE-ID: CWE-22

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
SIMATIC PCS 7
Server applications / SCADA systems
Siemens SIMATIC WinCC
Server applications / SCADA systems

Vendor: Siemens

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote authenticated attacker can send a specially crafted HTTP request and read arbitrary files on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

SIMATIC PCS 7: 8.2 - 9.1

Siemens SIMATIC WinCC: 7.4 - 17


CPE

External links
http://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?


Latest bulletins with this vulnerability