Buffer overflow in Siemens Simatic Pcs 7 V8.2 And Earlier
CVE-2020-7586
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (con…
Vulnerability class: Buffer Overflow
EPSS: 0.002 (35.6th percentile) — read the EPSS interpretation.
Affected products
- Siemens Simatic Pcs 7 V8.2 And Earlier — versions All versions
- Siemens Simatic Pcs 7 V9.0 — versions All versions < V9.0 SP3
- Siemens Simatic Pdm — versions All versions < V9.2
- Siemens Simatic Step 7 V5.x — versions All versions < V5.6 SP2 HF3
- Siemens Sinamics Starter (Containing Step 7 Oem Version) — versions All versions < V5.4 HF2
Weakness classification (CWE)
References
- cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf (x_refsource_MISC)
- www.us-cert.gov/ics/advisories/icsa-20-161-05 (x_refsource_MISC)
- us-cert.cisa.gov/ics/advisories/icsa-20-161-05 (x_refsource_CONFIRM)