{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T08:30:14.187","vulnerabilities":[{"cve":{"id":"CVE-2021-40360","sourceIdentifier":"productcert@siemens.com","published":"2022-02-09T16:15:13.813","lastModified":"2024-11-21T06:23:57.097","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The password hash of a local user account in the remote server could be granted via public API to a user on the affected system. An authenticated attacker could brute force the password hash and use it to login to the server."},{"lang":"es","value":"Se ha identificado una vulnerabilidad en SIMATIC PCS 7 V8.2 (Todas las versiones), SIMATIC PCS 7 V9.0 (Todas las versiones), SIMATIC PCS 7 V9.1 (Todas las versiones anteriores a V9. 1 SP1), SIMATIC WinCC V15 y anteriores (Todas las versiones anteriores a V15 SP1 Update 7), SIMATIC WinCC V16 (Todas las versiones anteriores a V16 Update 5), SIMATIC WinCC V17 (Todas las versiones anteriores a V17 Update 2), SIMATIC WinCC V7.4 (Todas las versiones anteriores a V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (Todas las versiones anteriores a V7.5 SP2 Update 6). El hash de la contraseña de una cuenta de usuario local en el servidor remoto podría concederse a través de la API pública a un usuario del sistema afectado. Un atacante autenticado podría forzar el hash de la contraseña y utilizarlo para iniciar sesión en el servidor"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*","versionEndIncluding":"8.2","matchCriteriaId":"8B62697B-2F75-44EA-A1F8-14BF9D1F99CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_pcs_7:9.0:-:*:*:*:*:*:*","matchCriteriaId":"A42E3FB0-6C66-4702-BDC8-39EEA54B5C0F"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_pcs_7:9.1:-:*:*:*:*:*:*","matchCriteriaId":"0D25510C-F677-4A98-806C-FF644F11EEC6"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*","versionEndExcluding":"7.4","matchCriteriaId":"3F39B396-140B-4005-9A61-F984C9FAF742"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*","matchCriteriaId":"3B0BD5DE-C6EF-4B89-831B-DA34DB0D68F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*","matchCriteriaId":"2637C346-8AAF-481F-AFB0-BAD4254D14F4"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update1:*:*:*:*:*:*","matchCriteriaId":"BF8404AB-579E-4C6B-BCA7-E95F2CE24F7D"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update10:*:*:*:*:*:*","matchCriteriaId":"88F6B3BF-727F-432E-89D8-37FB7C76FE2B"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update11:*:*:*:*:*:*","matchCriteriaId":"62EB588C-CBB4-4B17-9BB5-B14B1FC6BB21"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update12:*:*:*:*:*:*","matchCriteriaId":"AF3F613C-6707-4517-B4B8-530C912B79E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update13:*:*:*:*:*:*","matchCriteriaId":"590F62CE-9245-4AC9-9FBC-35136E217B0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update14:*:*:*:*:*:*","matchCriteriaId":"3C5F5AD3-878D-42B0-B30E-8B0B6174486B"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update15:*:*:*:*:*:*","matchCriteriaId":"57F59EE1-46FC-4B94-AB30-F1D3235C5A1D"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update16:*:*:*:*:*:*","matchCriteriaId":"BA774F51-885C-4579-982E-431A8AB027B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update17:*:*:*:*:*:*","matchCriteriaId":"110DF98C-BE75-43B6-B63D-1D7D99AFFA73"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update18:*:*:*:*:*:*","matchCriteriaId":"11F812DE-BF33-4CB0-8E21-81682E3B88CA"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update2:*:*:*:*:*:*","matchCriteriaId":"241D5A28-FB22-4C5B-A067-733168E847BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update3:*:*:*:*:*:*","matchCriteriaId":"A5418F92-84A9-439C-B86C-ED5820697603"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update4:*:*:*:*:*:*","matchCriteriaId":"40631FBD-116B-4589-B77A-6C5A69990F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update5:*:*:*:*:*:*","matchCriteriaId":"64B14972-6163-4D44-A9C6-16328E02AC69"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update6:*:*:*:*:*:*","matchCriteriaId":"8929E926-740F-4F17-B52C-4C73914B1818"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update7:*:*:*:*:*:*","matchCriteriaId":"D4F72666-D10A-4EB2-80D3-18B04C101256"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update8:*:*:*:*:*:*","matchCriteriaId":"0E343221-1E1A-4EE7-80AE-AB24E2244BA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update9:*:*:*:*:*:*","matchCriteriaId":"1BF716D7-0A77-400F-9B43-64FBE3E65735"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.5:-:*:*:*:*:*:*","matchCriteriaId":"E79DA14E-419C-49BA-8E4F-2907E1D8937F"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:*:*:*:*:*:*","matchCriteriaId":"81F9C13C-065C-4E40-BB46-687D791348A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update1:*:*:*:*:*:*","matchCriteriaId":"5CF06E69-0A23-418D-B0EC-574DACBB4DD9"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update2:*:*:*:*:*:*","matchCriteriaId":"9164EAC1-C416-4F1F-A910-CE84A167A6D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.5:sp2:*:*:*:*:*:*","matchCriteriaId":"3422B714-DB0F-4EE3-A7D4-9A0165214563"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update1:*:*:*:*:*:*","matchCriteriaId":"70B79B00-F61D-4F10-AD7B-74718F061D9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update2:*:*:*:*:*:*","matchCriteriaId":"A8766442-CC8D-4221-89B8-F75D195F71E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update3:*:*:*:*:*:*","matchCriteriaId":"26C08FB9-AFEB-4A53-AAB3-37C9717B30C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update4:*:*:*:*:*:*","matchCriteriaId":"68896900-7FCC-4BFB-B787-8992B459F00D"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update5:*:*:*:*:*:*","matchCriteriaId":"1059B529-02F0-4C85-A35E-2282546FA990"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:13:-:*:*:*:*:*:*","matchCriteriaId":"0D9FE447-2090-47D2-8667-5DC7605089BB"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:13:sp1:*:*:*:*:*:*","matchCriteriaId":"BB4FFADC-51F0-439F-9F80-D2B2614FFC39"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:13:sp2:*:*:*:*:*:*","matchCriteriaId":"4C117FFB-A3FF-4E82-9CE9-B2DFFAF7D799"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:14.0.1:*:*:*:*:*:*:*","matchCriteriaId":"CE5A7162-F1B5-4E74-99D6-4108AC4C49FC"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:15:*:*:*:*:*:*:*","matchCriteriaId":"A961C560-0288-4BC7-B3EB-11610765A34A"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:15.1:-:*:*:*:*:*:*","matchCriteriaId":"50B77C2A-4D66-4407-8CA4-99C43ED72DDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:15.1:update_1:*:*:*:*:*:*","matchCriteriaId":"9794ED7E-EB17-4C95-B900-840A48758F03"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:15.1:update_2:*:*:*:*:*:*","matchCriteriaId":"57E82CFE-4191-4055-A0BA-EAB7BE96D947"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:15.1:update_3:*:*:*:*:*:*","matchCriteriaId":"C4DBBDAA-BCAE-4B63-BDFC-3DD70DAD9B7D"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:15.1:update_4:*:*:*:*:*:*","matchCriteriaId":"B5AF87C6-F8D6-4462-9DF5-B9D301002B1C"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:15.1:update_5:*:*:*:*:*:*","matchCriteriaId":"E4D610DA-D1EF-487E-94CB-FC6E6BE4BE4C"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:15.1:update_6:*:*:*:*:*:*","matchCriteriaId":"6BB49DC6-B8AB-4320-B5CB-8EB803D41194"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:16:-:*:*:*:*:*:*","matchCriteriaId":"A4316924-9EF8-4835-A2E4-0C81F4DE473D"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:16:update1:*:*:*:*:*:*","matchCriteriaId":"A1011EBE-A08D-4066-A2B8-45736AE6999B"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:16:update2:*:*:*:*:*:*","matchCriteriaId":"37284D6C-ADB9-43A9-817D-7879FDF8BF7F"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:16:update3:*:*:*:*:*:*","matchCriteriaId":"1DAD73CB-A027-4CEA-A439-A271717BBEDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:16:update4:*:*:*:*:*:*","matchCriteriaId":"150B957C-545F-4BD8-8AB9-E64ACC59C865"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:17:-:*:*:*:*:*:*","matchCriteriaId":"C665E91E-DC56-41E0-99B4-ACFAA70B3103"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:17:update1:*:*:*:*:*:*","matchCriteriaId":"BB46C8BD-942A-45DC-AA8A-C0D9418CA302"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf","source":"productcert@siemens.com","tags":["Patch","Vendor Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}