SIMATIC PCS neo is a distributed control system (DCS). Siemens SIMATIC PCS neo suffers from a loose cross-domain policy vulnerability with an untrusted domain, which can be exploited by an attacker to trick a legitimate user into triggering unwanted behavior.