Denial of Service Vulnerability in SIMATIC WinCC
Monitor | 6.2 | SSA-730482 | Apr 9, 2024
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
A vulnerability in the login dialog box of SIMATIC WinCC allows a local attacker to cause a denial of service condition in the SCADA runtime. The issue affects SIMATIC PCS 7 V9.1, SIMATIC WinCC Runtime Professional versions V17, V18, and V19, and SIMATIC WinCC versions V7.5 and V8.0. Exploitation requires local access to the WinCC operator or engineering workstation. Siemens has released patches for all affected versions.
What this means
What could happen
A local attacker with access to the WinCC operator console could trigger a denial of service condition that stops the SCADA runtime, disrupting real-time monitoring and control of critical industrial processes until the system is manually restarted.
Who's at risk
Energy sector operators using SIMATIC WinCC and PCS 7 SCADA systems. This affects WinCC versions 7.5, 8.0, and Runtime Professional versions 17–19 deployed as operator consoles, engineering workstations, or centralized monitoring stations in power generation, transmission, or distribution facilities.
How it could be exploited
An attacker with local access to a WinCC operator workstation manipulates the login dialog box to trigger a crash in the WinCC runtime process. This causes the SCADA system to become unresponsive and unable to execute control logic or monitor equipment.
Prerequisites
- Local access to the WinCC operator workstation or engineering station
- Ability to interact with the WinCC login dialog box
- Local attack vector only
- Low complexity attack
- No credentials required to trigger
- Affects SCADA runtime availability
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (6)
6 with fix
| Product | Affected Versions | Fix Status |
|---|---|---|
| SIMATIC PCS 7 V9.1 | All versions < V9.1 SP2 UC04 | 9.1 SP2 UC04 |
| SIMATIC WinCC Runtime Professional V17 | All versions < V17 Update 8 | 17 Update 8 |
| SIMATIC WinCC Runtime Professional V18 | All versions < V18 Update 4 | 18 Update 4 |
| SIMATIC WinCC Runtime Professional V19 | All versions < V19 Update 1 | 19 Update 1 |
| SIMATIC WinCC V7.5 | All versions < V7.5 SP2 Update 16 | 7.5 SP2 Update 16 |
| SIMATIC WinCC V8.0 | All versions < V8.0 Update 5 | 8.0 Update 5 |
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
SIMATIC PCS 7 V9.1
HOTFIX: Update SIMATIC PCS 7 V9.1 to version 9.1 SP2 UC04 or later
SIMATIC WinCC Runtime Professional V17
HOTFIX: Update SIMATIC WinCC Runtime Professional V17 to version 17 Update 8 or later
SIMATIC WinCC Runtime Professional V18
HOTFIX: Update SIMATIC WinCC Runtime Professional V18 to version 18 Update 4 or later
SIMATIC WinCC Runtime Professional V19
HOTFIX: Update SIMATIC WinCC Runtime Professional V19 to version 19 Update 1 or later
SIMATIC WinCC V7.5
HOTFIX: Update SIMATIC WinCC V7.5 to version 7.5 SP2 Update 16 or later
SIMATIC WinCC V8.0
HOTFIX: Update SIMATIC WinCC V8.0 to version 8.0 Update 5 or later
Long-term hardening
HARDENING: Restrict physical and network access to WinCC operator and engineering workstations to authorized personnel only
CVEs (1)
API:
/api/v1/advisories/76792bd1-a617-4b67-8280-ad97e68ba8a1