The vulnerability of the Web application SIMATIC WinCC DataMonitor, related to insufficient validation of input data, allows a hacker to load any arbitrary ASPX code.

The vulnerability of the SIMATIC WinCC DataMonitor web application is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to upload any arbitrary ASPX code remotely...

CVE-2019-10935

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier All versions, SIMATIC PCS 7 V8.1 All versions V8.1 with WinCC V7.3 Upd 19, SIMATIC PCS 7 V8.2 All versions V8.2 SP1 with WinCC V7.4 SP1 Upd 11, SIMATIC PCS 7 V9.0 All versions V9.0 SP2 with WinCC V7.4 SP1 Upd11, SIMATIC WinCC...

ICSA-19-192-02 Siemens SIMATIC WinCC and PCS7 (Update C)

1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC WinCC and SIMATIC PCS7 Vulnerability: Unrestricted Upload of File with Dangerous Type 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update...