Vulnerability identifier: #VU63303
Vulnerability risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-909
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
SIMATIC PCS 7
Server applications /
SCADA systems
SIMATIC WinCC Runtime Professional
Server applications /
SCADA systems
Siemens SIMATIC WinCC
Server applications /
SCADA systems
Vendor: Siemens
Description
The vulnerability allows a local user to compromise the target system.
The vulnerability exists due to insecure default initialization of resource. A local user can escape the WinCC Kiosk Mode by opening the printer dialog in the affected application in case no printer is installed.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
SIMATIC PCS 7: 9.0 - 9.1
SIMATIC WinCC Runtime Professional: 16.0 - 17.0
Siemens SIMATIC WinCC: 7.4 - 7.5
External links
http://cert-portal.siemens.com/productcert/txt/ssa-363107.txt
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.