Siemens SIMATIC eaSie PCS 7 Skill Package
Monitor | 6.5 | ICS-CERT ICSA-21-350-11 | Dec 14, 2021
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary
SIMATIC eaSie PCS 7 Skill Package (versions before 21.00 SP3) contains a path traversal vulnerability in the application server that allows an authenticated remote user to read arbitrary files. The attacker could access files outside the intended application directories by crafting malicious requests.
What this means
What could happen
An authenticated user on your control system network could read sensitive files from the PCS 7 application server, potentially exposing process configurations, credentials, or other operational data.
Who's at risk
Organizations running Siemens SIMATIC eaSie PCS 7 Skill Package for process control systems should prioritize this—particularly utilities and manufacturing facilities relying on PCS 7 for SCADA/process automation. Risk is highest if the system is accessible from engineering networks or remote access solutions.
How it could be exploited
An attacker with valid credentials to the SIMATIC eaSie PCS 7 Skill Package (such as an engineering workstation account or remote access) could craft requests using path traversal techniques to access files outside the intended application directories, allowing unauthorized file read access on the server.
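The advisory does not describe how the application server resolves file paths, so the following is an added example and not Siemens code: a generic server-side confinement check of the kind that closes this class of bug, shown beside the flawed join-only pattern. The function names, directory layout and request strings are all constructed for illustration.

```python
import os
import tempfile

def naive_resolve(base_dir, requested):
    # Flawed pattern: join and normalise, but never check where the result lands.
    return os.path.normpath(os.path.join(base_dir, requested))

def safe_resolve(base_dir, requested):
    """Return the real path for `requested` if it stays under base_dir, else None."""
    base = os.path.realpath(base_dir)
    # realpath collapses ".." and follows symlinks; join drops `base` for absolute input.
    candidate = os.path.realpath(os.path.join(base, requested))
    try:
        # commonpath compares whole components, so <root>/app_backup is not "under" <root>/app.
        inside = os.path.commonpath([base, candidate]) == base
    except ValueError:  # e.g. paths on different drives on Windows
        inside = False
    return candidate if inside else None

def demo():
    """Build a constructed directory tree and classify constructed request paths."""
    root = os.path.realpath(tempfile.mkdtemp())
    base = os.path.join(root, "app")
    os.makedirs(os.path.join(base, "reports"))
    os.makedirs(os.path.join(root, "app_backup"))
    inside_file = os.path.join(base, "reports", "r1.txt")
    outside_file = os.path.join(root, "app_backup", "secret.cfg")
    for path in (inside_file, outside_file):
        with open(path, "w") as fh:
            fh.write("constructed sample\n")
    requests = ["reports/r1.txt", "reports/../reports/r1.txt",
                "../app_backup/secret.cfg", outside_file]
    try:
        os.symlink(outside_file, os.path.join(base, "reports", "link.cfg"))
        requests.append("reports/link.cfg")
    except OSError:
        pass  # platform or privileges do not allow symlinks; skip that case
    return base, inside_file, {r: safe_resolve(base, r) for r in requests}

if __name__ == "__main__":
    base, _, results = demo()
    for req, resolved in results.items():
        verdict = "allow" if resolved else "deny"
        print(f"{verdict:5} {req!r} (naive join gives {naive_resolve(base, req)})")
```

A plain string-prefix test on the naive result would still accept the sibling `app_backup` directory, which is why the check compares whole path components after resolving symlinks.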
Prerequisites
- Valid authentication credentials for SIMATIC eaSie PCS 7 Skill Package
- Network access to the PCS 7 application server
- Version prior to 21.00 SP3
- Remotely exploitable
- Requires valid credentials (moderate barrier)
- Low attack complexity
- Could expose sensitive process data and credentials
- Affects control system configuration and operational data
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (1)
Product | Affected Versions | Fix Status
SIMATIC eaSie PCS 7 Skill Package | <V21.00 SP3 | 21.00 SP3
Remediation & Mitigation
Do now
- HARDENING: Restrict network access to PCS 7 application server using firewall rules—limit access to engineering workstations and authorized personnel only
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HOTFIX: Update SIMATIC eaSie PCS 7 Skill Package to version 21.00 SP3 or later
- HARDENING: Review and audit user accounts with access to the PCS 7 Skill Package; remove unnecessary administrative privileges
Long-term hardening
- HARDENING: Implement network segmentation to isolate the PCS 7 application server from untrusted networks and the internet
CVEs (1)