SSA-931064 (Last Update: 2018-06-12): Authentication Bypass in SIMATIC Logon

Published

2018-06-12 00:00:00

Summary

The latest update for SIMATIC Logon fixes a security vulnerability that could allow attackers to circumvent user authentication under certain conditions.

SIMATIC WinCC, SIMATIC PCS 7, SIMATIC PDM, and SIMATIC IT Production Suite provide SIMATIC Logon as component of the product. Installing the SIMATIC Logon update fixes the vulnerability for all products mentioned below.

Source

https://cert-portal.siemens.com/productcert/pdf/ssa-931064.pdf