PCS 7 V8.1: all versions prior to V8.1 with STEP 7 SP4 HF4 and CFC V8.1 Upd1.PCS 7 V8.0 SP2: all versions prior to V8.0 SP2 with STEP 7 V5.5 SP3 HF10 and CFC V8.0 SP4 Upd9.SIMATIC PCS 7 (as STEP 7 and CFC are incorporated).STEP 7 V5.5 SP4: all versions prior to V5.5 SP4 HF4.STEP 7 V5.5 SP3: all versions prior to V5.5 SP3 HF10.STEP 7 V5.5 SP2: all versions prior to V5.5 SP2 HF7.STEP 7 V5.5 SP1: all versions prior to V5.5 SP1 HF2.CFC V8.1: all versions prior to V8.1 Upd1.CFC V8.0 SP4: all versions prior to V8.0 SP4 Upd 9.STARTER: all versions prior to V4.4 HF3.SIMOTION Scout: all versions prior to V4.4.
SIMATIC ProSave: all versions prior to V13 SP1.The following Siemens products are affected: Siemens has produced updates for each of these products that mitigates this vulnerability. Ivan Sanchez from WiseSecurity Team has identified a search path vulnerability in the Siemens SIMATIC ProSave, SIMATIC CFC, SIMATIC STEP 7, SIMOTION Scout, and STARTER applications. This updated advisory is a follow-up to the original advisory titled ICSA-15-064-02 Siemens SIMATIC ProSave, SIMATIC CFC, SIMATIC STEP 7, SIMOTION Scout, and STARTER Insufficiently Qualified Paths that was published March 5, 2015, on the NCCIC/ICS‑CERT web site.
0 kommentar(er)
