siemens simatic-wincc-runtime-advanced CVE-2021-25662 is a vulnerability in Siemens Simatic Wincc Runtime Advanced
Published on May 12, 2021

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition.

NVD

Weakness Type

Improper Handling of Exceptional Conditions

The software does not handle or incorrectly handles an exceptional condition.


Products Associated with CVE-2021-25662

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-25662 are published in Siemens Simatic Wincc Runtime Advanced:

Siemens Simatic Wincc Runtime Advanced
 

Affected Versions

Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants): Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants): Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants): Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants): Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F: Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F: Siemens SIMATIC WinCC Runtime Advanced V15: Siemens SIMATIC WinCC Runtime Advanced V16:

Exploit Probability

EPSS
0.74%
Percentile
72.58%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.