OTPulse

Multiple Vulnerabilities in Control Center Server (CCS)

Act Now · CVSS 9.9 · SSA-761844 · Apr 13, 2021
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

Siemens Control Center Server (CCS) is affected by multiple vulnerabilities, including authentication bypass, path traversal, information disclosure, privilege escalation, SQL injection, cross-site scripting, and insufficient logging. An attacker with network access could bypass authentication, escalate privileges, access sensitive configuration data, modify database records, or inject malicious code. PKE released an update (V1.5.0) that fixes most vulnerabilities except CVE-2019-18340. Versions 1.5.0 and later remain unpatched for the known flaws.

What this means
What could happen
An attacker with valid credentials could authenticate as another user, bypass authentication entirely, access sensitive configuration or operational data, modify database records, or execute commands on the CCS application—potentially affecting control logic, monitoring, or data integrity across your facility.
Who's at risk
Water authorities and electric utilities using Siemens Control Center Server (CCS) for SCADA coordination, alarm management, or process monitoring are affected. This includes facility operators who rely on CCS for supervisory control and data visibility across distributed control systems.
How it could be exploited
An attacker on your network could send a crafted request to the CCS web interface to bypass authentication, escalate privileges, extract configuration or user data, inject malicious SQL commands, or inject cross-site scripting payloads. Alternatively, if CCS ≥V1.5.0 is deployed, there is no remediation path and the flaws remain unpatched.
Prerequisites
  • Network access to CCS web interface (HTTP/HTTPS port)
  • Valid user credentials for some attack paths (authentication bypass exploits may not require valid credentials)
  • CCS version <V1.5.0 (fix available in V1.5.0); V1.5.0 and later have unpatched flaws
remotely exploitable · authentication bypass possible · low complexity exploitation · privilege escalation possible · SQL injection possible · affects SCADA/control coordination systems · no patch available for versions 1.5.0 and later
Exploitability
Low exploit probability (EPSS 0.7%)
Affected products (2)
1 with fix, 1 pending
Product | Affected Versions | Fix Status
Control Center Server (CCS) | <V1.5.0 | 1.5.0
Control Center Server (CCS) | ≥ V1.5.0 | No fix yet
Remediation & Mitigation
Do now
Control Center Server (CCS)
HARDENING: Implement network access controls to restrict CCS web interface access to authorized engineering workstations and administrative subnets only
All products
HOTFIX: Update Control Center Server to version 1.5.0 or later
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

Control Center Server (CCS)
HARDENING: Enable audit logging and monitor CCS logs for suspicious authentication attempts, failed logins, or SQL errors
WORKAROUND: Disable or restrict any CCS features not actively used in your control workflow