Siemens SIMATIC TIA Portal 13.x < 13 Upd6 Remote Code Execution
Critical Nessus Plugin ID 81299
SynopsisThe remote host is affected by multiple vulnerabilities.
DescriptionThe remote host has a version of Siemens SIMATIC TIA Portal installed that is 13.x prior to 13 update 6 (1300.6.201.1). It is, therefore, affected by an unspecified flaw in the WinCC component that allows an unauthenticated, remote attacker to execute arbitrary code or extract arbitrary files via specially crafted packets sent to the WinCC server.
SolutionUpgrade to Siemens SIMATIC TIA Portal version 13 Upd6 (1300.6.201.1) or later.