More than two months after the original advisory went out, Siemens has released patches for a pair of critical vulnerabilities in some versions of its Simatic WinCC SCADA product that remained ...

The vulnerabilities the patches are aimed at correcting include one in which unauthenticated attackers could execute arbitrary code on the SIMATIC WinCC SCADA server via specially ... on this site ...

One of the vulnerabilities allows unauthenticated attackers to remotely execute arbitrary code on a Siemens SIMATIC WinCC SCADA server by sending specially crafted packets to it. The flaw received ...

The password protects the database used in Siemens' Simatic WinCC SCADA system ... third-parties can retrieve it by analyzing the code, though software-makers can employ obfuscation techniques ...

The vulnerabilities enable remote attackers to steal files from Siemens SIMATIC WinCC SCADA servers and it is ... allow for unauthenticated remote code execution,” the DHS said.