Path Traversal Vulnerability in Siemens SIMATIC Products
CVE-2021-40358

9.9CRITICAL

Key Information:

Vendor: Siemens
Status: Simatic Pcs 7 V8.2; Simatic Pcs 7 V9.0; Simatic Pcs 7 V9.1; Simatic Wincc V15 And Earlier
Vendor: CVE Published:; 9 November 2021

Summary

A vulnerability exists in various versions of Siemens SIMATIC PCS 7 and WinCC. The flaw involves improper neutralization of special elements in the pathname during legitimate file operations on the web server. This allows attackers to manipulate the pathname to access files outside the restricted directory, potentially enabling unauthorized reading, writing, or deletion of sensitive files.

Affected Version(s)

SIMATIC PCS 7 V8.2 All versions

SIMATIC PCS 7 V9.0 All versions < V9.0 SP3 UC04

SIMATIC PCS 7 V9.1 All versions < V9.1 SP1

References

https://cert-portal.siemens.com/productcert/pdf/ssa-84018...

CVSS V3.1

Score:

9.9

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Nov 9, 2021
Vulnerability Reserved
Sep 1, 2021