Siemens SIMATIC WinAC RTX (F) 2010 (Update A)

Plan Patch7.5ICS-CERT ICSA-19-281-03Oct 8, 2019

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

SIMATIC WinAC RTX (F) 2010 contains a denial-of-service vulnerability (CWE-410) that allows a remote attacker to crash or freeze the controller's service without authentication. Affected versions are all releases prior to SP3 Update 1. When the service becomes unresponsive, the PLC stops executing control logic, halting automated process operations.

What this means

What could happen

A remote attacker can cause the WinAC RTX controller to stop responding to legitimate commands, disrupting automated process logic and control operations without authentication or user interaction.

Who's at risk

Water and electric utilities using SIMATIC WinAC RTX (F) 2010 as a soft PLC for process automation and control logic. Affects any facility relying on WinAC for equipment control, pump operations, valve positioning, or real-time process management.

How it could be exploited

An attacker on the network sends specially crafted requests to the vulnerable service port on the WinAC RTX host. The service crashes or becomes unresponsive, halting the execution of control logic and process automation until the host is manually restarted.

Prerequisites

Network access to the WinAC RTX host and the port running the vulnerable service
No credentials or special configuration required

Remotely exploitableNo authentication requiredLow complexity attackAffects availability of control systemsNo patch available for all versions

Exploitability

Low exploit probability (EPSS 0.4%)

Affected products (1)

ProductAffected VersionsFix Status

SIMATIC WinAC RTX (F) 2010: All<SP3 Update 1SP3 Update 1

Remediation & Mitigation

0/4

Do now

0/2

WORKAROUNDRestrict network access to the host containing the affected service using firewall rules or network segmentation

WORKAROUNDIf the service is not used as a server, disable communications on the vulnerable service port using Windows Firewall

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate SIMATIC WinAC RTX (F) 2010 to SP3 Update 1 or later

Long-term hardening

0/1

HARDENINGIsolate WinAC RTX controllers behind firewalls and segment from the business network to minimize network exposure

CVEs (1)

CVE-2019-13921

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/bac3fae6-3f48-48d8-a3ca-7eb421f9998f