![](https://hosting.photobucket.com/bd25d3ab-8cd6-44c8-9de9-28d993417960/484eb376-2075-4b96-b0f6-6cfbf6ccc70e.jpg)
Preface: SIMATIC WinCC is a supervisory control and data acquisition (SCADA) and human-machine interface (HMI) system from Siemens. SCADA systems are used to monitor and control physical processes involved in industry and infrastructure on a large scale and over long distances. SIMATIC WinCC can be used in combination with Siemens controllers. WinCC is written for the Microsoft Windows operating system.[1][2] It uses Microsoft SQL Server for logging and comes with a VBScript and ANSI C application programming interface.
Background: The User Management Component (UMC) enables the system-wide, central maintenance of users with an optional connection to Microsoft Active Directories.
The User Management Component (UMC) enables the system-wide, central maintenance of users with an optional connection to Microsoft Active Directories. UMC allows the establishment of central user management. This means that you can define and manage users and user groups across software and devices. Users and user groups can also be transferred from a Microsoft Active Directory (AD).
The following applications are connected to UMC: SINEMA RC, SINEC NMS, WinCC Unified, TIA Portal & WinCC Runtime Advanced
Vulnerability details: A vulnerability has been identified in Opcenter Execution Foundation (All versions), Opcenter Intelligence (All versions), Opcenter Quality (All versions), Opcenter RDL (All versions), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SINEC NMS (All versions if operated in conjunction with UMC < V2.15), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component.
This could allow an unauthenticated remote attacker to execute arbitrary code.
Official announcement: Please refer to the link for details –