VDB
ICSA-24-102-08
ICSA-24-102-08
PUBLISHED
CVSS 7.800000190734863 HIGH
A vulnerability was identified in OPC Foundation Local Discovery Server which also affects Siemens products that could allow an attacker to escalate privileges under certain circumstances. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where fixes are not, or not yet available.
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SIMATIC NET PC Software V17 | ||
| SIMATIC NET PC Software V15 | ||
| SIMATIC WinCC | ||
| SIMATIC Process Historian 2022 OPC UA Server | ||
| SIMATIC WinCC Runtime Professional | ||
| SIMATIC Process Historian 2020 OPC UA Server | ||
| SIMATIC NET PC Software V18 | ||
| TeleControl Server Basic V3 | ||
| SIMATIC WinCC Unified PC Runtime V18 | ||
| SIMATIC NET PC Software V14 | ||
| OpenPCS 7 V9.1 | ||
| SIMATIC NET PC Software V16 |
Timeline
- Apr 11, 2023 CVE Published
- Sep 9, 2025 CVE Updated
References
- https://cert-portal.siemens.com/productcert/csaf/ssa-556635.json advisory
- https://cert-portal.siemens.com/productcert/html/ssa-556635.html advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-556635.pdf advisory
- https://cert-portal.siemens.com/productcert/txt/ssa-556635.txt advisory
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-102-08.json advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-24-102-08 advisory
- https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 url
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices url
- https://www.cisa.gov/topics/industrial-control-systems url
- https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf url
- https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B url
- https://support.industry.siemens.com/cs/ww/en/view/109955177/ fix
- https://cert-portal.siemens.com/productcert/csaf/ssa-691715.json advisory
- https://cert-portal.siemens.com/productcert/html/ssa-691715.html advisory
- https://support.industry.siemens.com/cs/ww/en/view/109974091/ fix
- https://support.industry.siemens.com/cs/ww/en/view/109820674/ fix
- https://support.industry.siemens.com/cs/ww/en/view/109826242/ fix
- https://support.industry.siemens.com/cs/ww/en/view/109807123/ fix
- https://support.industry.siemens.com/cs/ww/en/view/109816599/ fix