PSS(R)CAPE:
CAPE 14 installations installed from material dated earlier than 2021-06-16
CAPE 14 installations installed from material dated 2021-06-16 or later are not affected, as they contain a fixed version of CodeMeter Runtime.
If CAPE 14 was initially installed using earlier material, install WIBU Systems CodeMeter Runtime V7.21a or V7.30a manually to fix the issue: Download the package from https://www.psscape.com/codemeter and install it the same way as documented for previous versions in the PSS CAPE 14 Installation Manual. Contact PSS(R)CAPE Support at psscape.support.energy@siemens.com if you need assistance with patching affected systems.Installations of PSS(R)CAPE are only affected if network access to CodeMeter Runtime is enabled. This is not the default configuration and is not necessary for any functionality in PSS(R)CAPE.
SIMATIC Information Server:
All versions >= 2019 SP1 < 2020 Upd1 only affected by
CVE-2021-20093
Update SIMATIC PCS neo to V3.1 or later version
To obtain SIMATIC PCS neo V3.1 contact your local support.
Limit remote access to port 22350/tcp on systems where the Codemeter runtime network server is running.
SIMATIC PCS neo:
All versions < V3.1 only affected by
CVE-2021-20093
Update to V3.1 or later version
To obtain SIMATIC PCS neo V3.1 contact your local support.
Limit remote access to port 22350/tcp on systems where the Codemeter runtime network server is running.
SIMATIC Process Historian (incl. Process Historian OPC UA Server):
All versions >= 2019 < 2020 Upd1 only affected by
CVE-2021-20093
Update SIMATIC PCS neo to V3.1 or later version
To obtain SIMATIC PCS neo V3.1 contact your local support.
Limit remote access to port 22350/tcp on systems where the Codemeter runtime network server is running.
SIMATIC WinCC OA V3.17:
All versions < V3.17 P013 only affected by
CVE-2021-20093
Update to V3.17 P013 or later version
https://www.winccoa.com/downloads/category/versions-patches.html
Limit remote access to port 22350/tcp on systems where the Codemeter runtime network server is running (for details refer to the updated security manual of WinCC OA).
SIMATIC WinCC OA V3.18:
All versions < V3.18 P002 only affected by
CVE-2021-20093
Update to V3.18 P002 or later version
https://www.winccoa.com/downloads/category/versions-patches.html
Limit remote access to port 22350/tcp on systems where the Codemeter runtime network server is running (for details refer to the updated security manual of WinCC OA).
SIMIT Simulation Platform:
All versions >= V10.0 < V10.3 Upd 1 only affected by
CVE-2021-20093
SINEC INS:
All versions < V1.0.1 Update 1 only affected by
CVE-2021-20093
Update to V1.0.1 Update 1 or later version
Alternatively, update CodeMeter Runtime to V7.21a: Download the package “CodeMeter User Runtime for Linux, version 7.21a, Driver-only” from the WIBU Systems User Software website. Install it on the system which runs SINEC INS by executing the following command:
“sudo dpkg –force-depends –force-confnew -i codemeter-7.21.4611.501_amd64.deb”
https://support.industry.siemens.com/cs/ww/en/view/109806100/
Limit remote access to port 22350/tcp on systems where the Codemeter runtime network server is running. Note that this is the default configuration, which therefore limits the exploitability to local attacks only.
SINEMA Remote Connect Server:
All versions < V3.0 SP2 only affected by
CVE-2021-20093
Update to V3.0 SP2 or later version
https://support.industry.siemens.com/cs/ww/en/view/109793790/
Limit remote access to port 22350/tcp on systems where the Codemeter runtime network server is running. Note that this is the default configuration, which therefore limits the exploitability to local attacks only.