VYPR
← All advisories
Unrated severityNVD Advisory· Published May 14, 2019· Updated Aug 4, 2024

CVE-2019-6577

CVE-2019-6577

Description

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Cross-Site Scripting (XSS) in Siemens SIMATIC HMI panels and WinCC via SNMP configuration modification.

Vulnerability

The integrated web server in multiple Siemens SIMATIC HMI devices and WinCC versions is vulnerable to Cross-Site Scripting (XSS) attacks. Affected products include SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900, and KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), and SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions) [1]. The XSS occurs if an attacker can modify particular parts of the device configuration via SNMP [1].

Exploitation

An attacker with network access to the affected system and system privileges can exploit this vulnerability. The attacker first uses SNMP with a hardcoded community string (CVE-2019-6572) to modify certain parts of the device configuration, injecting malicious script [1]. Then, user interaction is required, such as a victim accessing the web server, which executes the injected script [1]. Low skill level is needed for exploitation [1].

Impact

Successful exploitation compromises the confidentiality and integrity of the affected system [1]. An attacker could achieve XSS, leading to disclosure of sensitive information or unauthorized actions [1]. Additionally, through the SNMP vector, an attacker could read/write variables on the device [1].

Mitigation

Siemens has released updates for most affected products. Update SIMATIC HMI Comfort Panels, Comfort Outdoor Panels, KTP Mobile Panels, WinCC Runtime Advanced, WinCC Runtime Professional, and WinCC (TIA Portal) to V15.1 Update 1 [1]. For SIMATIC HMI Classic Devices, no fix is available; users should apply defense-in-depth measures, such as restricting network access and monitoring SNMP traffic [1]. No public exploitation is known at the time of publication [1].

References
  1. Siemens SIMATIC Panels and WinCC (TIA Portal) | CISA

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

10
  • Siemens Foundation/SIMATIC HMI Classic Devicesllm-fuzzy
  • Siemens Foundation/Simatic Hmi Comfort Panelsllm-fuzzy
    Range: < V15.1 Update 1
  • Siemens Foundation/SIMATIC WinCC Runtime Advancedllm-fuzzy
    Range: < V15.1 Update 1
  • Siemens AG/SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)v5
    Range: All versions
  • Siemens AG/SIMATIC HMI Comfort Outdoor Panels 7" & 15"v5
    Range: All versions < V15.1 Update 1
  • Siemens AG/SIMATIC HMI Comfort Panels 4" - 22"v5
    Range: All versions < V15.1 Update 1
  • Siemens AG/SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900Fv5
    Range: All versions < V15.1 Update 1
  • Siemens AG/SIMATIC WinCC Runtime Advancedv5
    Range: All versions < V15.1 Update 1
  • Siemens AG/SIMATIC WinCC Runtime Professionalv5
    Range: All versions < V15.1 Update 1
  • Siemens AG/SIMATIC WinCC (TIA Portal)v5
    Range: All versions < V15.1 Update 1

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.