Remote Code Execution Vulnerability in Siemens SIMATIC WinCC and SIMATIC PCS 7

Remote Code Execution Vulnerability in Siemens SIMATIC WinCC and SIMATIC PCS 7

CVE-2016-5743 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets.

Learn more about our Web Application Penetration Testing UK.