<p>Multiple versions of SIMATIC WinCC and SIMATIC PCS 7 do not properly handle certain requests to their web application (WinCC WebNavigator, PCS 7 Web Server, and PCS 7 Web Diagnostics Server), which may lead to the leak of privileged information. This could allow an unauthenticated remote attacker to retrieve information such as users and passwords.</p>
<p>Siemens has released new versions for the affected products and recommends to update to the latest versions.</p>
Source link
