Publication Date: 2020-02-11
Last Update: 2022-04-12
Current Version: V1.7
CVSS v3.1 Base Score: 7.5

Affected Product and Versions Remediation
OpenPCS 7 V8.1:
All versions
Currently no fix is planned
See recommendations from section Workarounds and Mitigations
OpenPCS 7 V8.2:
All versions
See remediation for SIMATIC PCS 7 V8.2
See further recommendations from section Workarounds and Mitigations
OpenPCS 7 V9.0:
All versions < V9.0 Upd3
See remediation for SIMATIC PCS 7 V9.0
See further recommendations from section Workarounds and Mitigations
SIMATIC BATCH V8.1:
All versions
Currently no fix is planned
See recommendations from section Workarounds and Mitigations
SIMATIC BATCH V8.2:
All versions
See remediation for SIMATIC PCS 7 V8.2
See further recommendations from section Workarounds and Mitigations
SIMATIC BATCH V9.0:
All versions < V9.0 SP1 Upd5
See remediation for SIMATIC PCS 7 V9.0
See further recommendations from section Workarounds and Mitigations
SIMATIC NET PC Software V14:
All versions < V14 SP1 Update 14
Update to V14 SP1 Update 14 or later version
https://support.industry.siemens.com/cs/ww/en/view/109807351/
See further recommendations from section Workarounds and Mitigations
SIMATIC NET PC Software V15:
All versions
Currently no fix is planned
See recommendations from section Workarounds and Mitigations
SIMATIC NET PC Software V16:
All versions < V16 Update 1
Update to V16 Update 1 or later version
https://support.industry.siemens.com/cs/ww/en/view/109778547/
See further recommendations from section Workarounds and Mitigations
SIMATIC PCS 7 V8.1:
All versions
Currently no fix is planned
See recommendations from section Workarounds and Mitigations
SIMATIC PCS 7 V8.2:
All versions
Update to V8.2 SP1; then update WinCC to V7.4 SP1 Update 14 or later version on the same system
To obtain SIMATIC PCS 7 V8.2 SP1 contact your local support
See further recommendations from section Workarounds and Mitigations
SIMATIC PCS 7 V9.0:
All versions < V9.0 SP3
Update to V9.0 SP3 or later version
To obtain SIMATIC PCS 7 V9.0 SP3 contact your local support
See further recommendations from section Workarounds and Mitigations
SIMATIC Route Control V8.1:
All versions
Currently no fix is planned
See recommendations from section Workarounds and Mitigations
SIMATIC Route Control V8.2:
All versions
See remediation for SIMATIC PCS 7 V8.2
See further recommendations from section Workarounds and Mitigations
SIMATIC Route Control V9.0:
All versions < V9.0 Upd4
See remediation for SIMATIC PCS 7 V9.0
See further recommendations from section Workarounds and Mitigations
SIMATIC WinCC (TIA Portal) V13:
All versions < V13 SP2
Update to V13 SP2 or later version
https://support.industry.siemens.com/cs/ww/en/view/109759782/
See further recommendations from section Workarounds and Mitigations
SIMATIC WinCC (TIA Portal) V14:
All versions < V14 SP1 Update 10
Update to V14 SP1 Update 10 or later version
https://support.industry.siemens.com/cs/us/en/view/109747387/
See further recommendations from section Workarounds and Mitigations
SIMATIC WinCC (TIA Portal) V15.1:
All versions < V15.1 Update 5
Update to V15.1 Update 5 or later version
https://support.industry.siemens.com/cs/us/en/view/109763890/
See further recommendations from section Workarounds and Mitigations
SIMATIC WinCC (TIA Portal) V16:
All versions < V16 Update 1
Update to V16 Update 1 or later version
https://support.industry.siemens.com/cs/ww/en/view/109775861/
See further recommendations from section Workarounds and Mitigations
SIMATIC WinCC V7.3:
All versions
Currently no fix is planned
See recommendations from section Workarounds and Mitigations
SIMATIC WinCC V7.4:
All versions < V7.4 SP1 Update 14
Update to V7.4 SP1 Update 14 or later version
https://support.industry.siemens.com/cs/us/en/view/109779373/
See further recommendations from section Workarounds and Mitigations
SIMATIC WinCC V7.5:
All versions < V7.5 SP1 Update 1
Update to V7.5 SP1 Update 1 or later version
https://support.industry.siemens.com/cs/ww/en/view/109773812/
See further recommendations from section Workarounds and Mitigations

CVSS v3.1 Base Score 7.5
CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE: CWE-131: Incorrect Calculation of Buffer Size

https://www.siemens.com/cert/advisories