Siemens SIMATIC WinCC using obsolete function vulnerability

SIMATIC NET PC software is a separately sold software product that implements the SIMATIC NET communication products.SIMATIC PCS 7 is a centralized control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components.SIMATIC WinCC is a Supervisory Control and Data Acquisition (SCADA) system.SINAUT Software ST7sc connects SINAUT ST7 stations to HMI, SCADA and office applications via OPC.SIPLUS extreme products are designed for reliable operation under extreme conditions and are based on the SIPLUS extreme products are designed for reliable operation under extreme conditions and are based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. Siemens SIMATIC WinCC has a Use of Obsolete Functions vulnerability that stems from the default use of legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access) and OPC AE (Alarms and Events)). These services are designed on top of Windows ActiveX and DCOM mechanisms and do not implement state-of-the-art content authentication and cryptographic security mechanisms. No detailed vulnerability details are available at this time.