SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-467200707] Siemens SIMATIC NET PC-Software Denial-of-Service Vulnerability

Date Type Platform Author EDB-ID CVE-ID OSVDB-ID Download App SIS Signature
2016-07-26SOFTWARESiemens SIMATIC NET PC-SoftwareVladimir Dashchenko and Sergey TemnikovN/A2016-5874N/AN/AN/A


# Siemens SIMATIC NET PC-Software Denial-of-Service Vulnerability


Siemens has identified a denial-of-service vulnerability in SIMATIC NET PC-Software. Vladimir Dashchenko and Sergey Temnikov from Kaspersky Labs reported this issue directly to Siemens. Siemens has produced a new version to mitigate this vulnerability.

This vulnerability could be exploited remotely.


Siemens reports that the vulnerability affects the following SIMATIC products:

SIMATIC NET PC-Software: All versions prior to V13 SP2


A successful exploit of this vulnerability could cause a denial-of-service condition that would require a manual restart to recover.

Impact to individual organizations depends on many factors that are unique to each organization. NCCIC/ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.


Siemens is a multinational company headquartered in Munich, Germany.

The affected product, the Siemens SIMATIC NET PC-Software, is designed for communication between controllers (PLCs) and PC-based solutions (HMIs). According to Siemens, the SIMATIC NET PC-Software is deployed across several sectors including Chemical, Critical Manufacturing, and Food and Agriculture. Siemens estimates that this product is used worldwide.




Specially crafted packets sent to several ports (Port 55101/TCP through Port 55105/TCP, Port 4845/TCP, and Port 4847/TCP through Port 4850/TCP) could cause a denial-of-service of the OPC-Unified Architecture (UA) service. A manual restart of the service is required to recover the system.
CVE-2016-5874 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L[A1] ).



This vulnerability could be exploited remotely.


No known public exploits specifically target this vulnerability.


An attacker with a low skill would be able to exploit this vulnerability.


Siemens provides SIMATIC NET PC-Software V13 SP2, which fixes the vulnerability, and recommends users upgrade to the new version. SIMATIC NET PC-Software V13 SP2 can be obtained by contacting your local Siemens representative or customer support.

If OPC-UA is not required, Siemens recommends deactivating these in the communication settings according to the information in the respective product manual.

As a general security measure, Siemens strongly recommends protecting network access to SIMATIC NET PC-Software services with appropriate mechanisms. It is advised to configure the environment according to Siemens operational guidelines in order to run the devices in a protected IT environment.

For more information on this vulnerability and detailed instructions, please see Siemens Security Advisory SSA-453276 at the following location: