CNVD-2026-24199
Vulnerability from cnvd - Published: 2026-06-17
Title
Code issue vulnerability in multiple Siemens products (CNVD-2026-24199)
Description
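Siemens SIMATIC WinCC and related products are all made by the German company Siemens. Siemens SIMATIC WinCC is an automated supervisory control and data acquisition (SCADA) system. Siemens SIMATIC STEP is a comprehensive engineering tool for configuring and programming SIMATIC controllers. Siemens SIMATIC S7-PLCSIM V17 is a PLC program simulation software package.
Multiple Siemens products contain a code issue vulnerability. The vulnerability stems from improper input sanitization; an attacker can exploit it to cause type confusion in the affected application and execute arbitrary code.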
Severity
Medium
Patch Name
Patch for the code issue vulnerability in multiple Siemens products (CNVD-2026-24199)
Patch Description
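Siemens SIMATIC WinCC and related products are all made by the German company Siemens. Siemens SIMATIC WinCC is an automated supervisory control and data acquisition (SCADA) system. Siemens SIMATIC STEP is a comprehensive engineering tool for configuring and programming SIMATIC controllers. Siemens SIMATIC S7-PLCSIM V17 is a PLC program simulation software package.
Multiple Siemens products contain a code issue vulnerability. The vulnerability stems from improper input sanitization; an attacker can exploit it to cause type confusion in the affected application and execute arbitrary code. The vendor has now released a security advisory and related patch information that fix this vulnerability.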
Formal description
The vendor has released a fix for this vulnerability; please watch for updates: https://cert-portal.siemens.com/productcert/html/ssa-693808.html
Reference
https://cert-portal.siemens.com/productcert/html/ssa-693808.html
Impacted products
| Name |
|---|
| Siemens Totally Integrated Automation Portal (TIA Portal) V17 |
| Siemens Totally Integrated Automation Portal (TIA Portal) V18 |
| Siemens SIMATIC PCS neo V4.1 |
| Siemens SIMATIC PCS neo V5.0 |
| Siemens Totally Integrated Automation Portal (TIA Portal) V19 |
| Siemens SIMATIC S7-PLCSIM V17 |
| SIEMENS SINAMICS Startdrive V20 all |
| SIEMENS SIRIUS Safety ES V17 (TIA Portal) all |
| SIEMENS SIRIUS Safety ES V18 (TIA Portal) all |
| SIEMENS SIRIUS Safety ES V19 (TIA Portal) all |
| SIEMENS SIRIUS Safety ES V20 (TIA Portal) all |
| SIEMENS SIRIUS Soft Starter ES V17 (TIA Portal) all |
| SIEMENS SIRIUS Soft Starter ES V18 (TIA Portal) all |
| SIEMENS SIRIUS Soft Starter ES V19 (TIA Portal) all |
| SIEMENS SIRIUS Soft Starter ES V20 (TIA Portal) all |
| Siemens TIA Portal Cloud V17 all |
| Siemens TIA Portal Cloud V18 all |
| SIEMENS TIA Portal Cloud V19 <V5.2.1.1 |
| SIEMENS TIA Portal Cloud V20 all |
| Siemens SIMATIC PCS neo V4.1 all |
| Siemens SIMATIC PCS neo V5.0 all |
| SIEMENS SIMATIC PCS neo V6.0 all |
| SIEMENS TIA Portal Test Suite V20 all |
| Siemens SIMATIC PCS neo V6.0 |
| Siemens Totally Integrated Automation Portal (TIA Portal) V20 |
{
"cves": {
"cve": {
"cveNumber": "CVE-2024-54678",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-54678"
}
},
"description": "Siemens SIMATIC WinCC\u7b49\u90fd\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Siemens SIMATIC WinCC\u662f\u4e00\u5957\u81ea\u52a8\u5316\u7684\u6570\u636e\u91c7\u96c6\u4e0e\u76d1\u63a7\uff08SCADA\uff09\u7cfb\u7edf\u3002Siemens SIMATIC STEP\u662f\u7528\u4e8e\u914d\u7f6e\u548c\u7f16\u7a0b SIMATIC \u63a7\u5236\u5668\u7684\u7efc\u5408\u5de5\u7a0b\u5de5\u5177\u3002Siemens SIMATIC S7-PLCSIM V17\u662f\u4e00\u6b3ePLC\u7a0b\u5e8f\u4eff\u771f\u8f6f\u4ef6\u3002 \n\n\u591a\u6b3eSiemens\u4ea7\u54c1\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8f93\u5165\u6e05\u7406\u4e0d\u5f53\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u5e94\u7528\u7a0b\u5e8f\u4e2d\u9020\u6210\u7c7b\u578b\u6df7\u6dc6\u5e76\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://cert-portal.siemens.com/productcert/html/ssa-693808.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2026-24199",
"openTime": "2026-06-17",
"patchDescription": "Siemens SIMATIC WinCC\u7b49\u90fd\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Siemens SIMATIC WinCC\u662f\u4e00\u5957\u81ea\u52a8\u5316\u7684\u6570\u636e\u91c7\u96c6\u4e0e\u76d1\u63a7\uff08SCADA\uff09\u7cfb\u7edf\u3002Siemens SIMATIC STEP\u662f\u7528\u4e8e\u914d\u7f6e\u548c\u7f16\u7a0b SIMATIC \u63a7\u5236\u5668\u7684\u7efc\u5408\u5de5\u7a0b\u5de5\u5177\u3002Siemens SIMATIC S7-PLCSIM V17\u662f\u4e00\u6b3ePLC\u7a0b\u5e8f\u4eff\u771f\u8f6f\u4ef6\u3002 \r\n\r\n\u591a\u6b3eSiemens\u4ea7\u54c1\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8f93\u5165\u6e05\u7406\u4e0d\u5f53\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u5e94\u7528\u7a0b\u5e8f\u4e2d\u9020\u6210\u7c7b\u578b\u6df7\u6dc6\u5e76\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "\u591a\u6b3eSiemens\u4ea7\u54c1\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff08CNVD-2026-24199\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"Siemens Totally Integrated Automation Portal (TIA Portal) V17",
"Siemens Totally Integrated Automation Portal (TIA Portal) V18",
"Siemens SIMATIC PCS neo V4.1",
"Siemens SIMATIC PCS neo V5.0",
"Siemens Totally Integrated Automation Portal (TIA Portal) V19",
"Siemens SIMATIC S7-PLCSIM V17",
"SIEMENS SINAMICS Startdrive V20 all",
"SIEMENS SIRIUS Safety ES V17 (TIA Portal) all",
"SIEMENS SIRIUS Safety ES V18 (TIA Portal) all",
"SIEMENS SIRIUS Safety ES V19 (TIA Portal) all",
"SIEMENS SIRIUS Safety ES V20 (TIA Portal) all",
"SIEMENS SIRIUS Soft Starter ES V17 (TIA Portal) all",
"SIEMENS SIRIUS Soft Starter ES V18 (TIA Portal) all",
"SIEMENS SIRIUS Soft Starter ES V19 (TIA Portal) all",
"SIEMENS SIRIUS Soft Starter ES V20 (TIA Portal) all",
"Siemens TIA Portal Cloud V17 all",
"Siemens TIA Portal Cloud V18 all",
"SIEMENS TIA Portal Cloud V19 \u003cV5.2.1.1",
"SIEMENS TIA Portal Cloud V20 all",
"Siemens SIMATIC PCS neo V4.1 all",
"Siemens SIMATIC PCS neo V5.0 all",
"SIEMENS SIMATIC PCS neo V6.0 all",
"SIEMENS TIA Portal Test Suite V20 all",
"Siemens SIMATIC PCS neo V6.0",
"Siemens Totally Integrated Automation Portal (TIA Portal) V20"
]
},
"referenceLink": "https://cert-portal.siemens.com/productcert/html/ssa-693808.html",
"serverity": "\u4e2d",
"submitTime": "2025-08-20",
"title": "\u591a\u6b3eSiemens\u4ea7\u54c1\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff08CNVD-2026-24199\uff09"
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.