Unrated severityNVD Advisory· Published May 10, 2022· Updated Apr 21, 2025

CVE-2022-24287

Description

A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC06), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1 UC01), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Upd4), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 21), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 8). A missing printer configuration on the host could allow an authenticated attacker to escape the WinCC Kiosk Mode.

Affected products

Siemens Foundation/SIMATIC WinCCllm-fuzzy
Range: V7.3 all; V7.4 < V7.4 SP1 Update 21; V7.5 < V7.5 SP2 Update 8
Siemens Foundation/Simatic Pcs7cpe-rescue3 versions
All versions+ 2 more
- (no CPE)range: All versions
- (no CPE)range: All versions < V9.0 SP3 UC06
- (no CPE)range: All versions < V9.1 SP1 UC01
Siemens Foundation/SIMATIC WinCC Runtime Professionalcpe-rescue
Range: All versions
Siemens Foundation/Simatic Wincc Runtimecpe-rescue
Range: All versions < V17 Upd4
Siemens Foundation/Wincccpe-rescue3 versions
All versions+ 2 more
- (no CPE)range: All versions
- (no CPE)range: All versions < V7.4 SP1 Update 21
- (no CPE)range: All versions < V7.5 SP2 Update 8

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cert-portal.siemens.com/productcert/pdf/ssa-363107.pdfmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000