CVE-2026-24349

A vulnerability has been identified in SIMATIC WinCC Unified PC Runtime V16 (All versions), SIMATIC WinCC Unified PC Runtime V17 (All versions), SIMATIC WinCC Unified PC Runtime V18 (All versions), SIMATIC WinCC Unified PC Runtime V19 (All versions), SIMATIC WinCC Unified PC Runtime V20 (All versions), SIMATIC WinCC Unified PC Runtime V21 (All versions < V21 Update 2). Insufficient protection of key material in WinCC Certificate Manager that could allow an attacker to extract sensitive information.

CVSS v3 7.1 HIGH

7.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.5 / Impact : 4.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://cert-portal.siemens.com/productcert/html/ssa-063511.html	Mitigation Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime::::::::
	cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime:21:-::::::
	cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime:21:update1::::::

History

26 Jun 2026, 13:43

Type	Values Removed	Values Added
First Time		Siemens Siemens simatic Wincc Unified Pc Runtime
CPE		cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime:21:update1:::::: cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime:21:-:::::: cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime::::::::
References	~~() https://cert-portal.siemens.com/productcert/html/ssa-063511.html -~~	() https://cert-portal.siemens.com/productcert/html/ssa-063511.html - Mitigation, Vendor Advisory

09 Jun 2026, 10:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-06-09 10:16

Updated : 2026-06-26 13:43

NVD link : CVE-2026-24349

Mitre link : CVE-2026-24349

CVE.ORG link : CVE-2026-24349

JSON object : View

Products Affected

siemens

simatic_wincc_unified_pc_runtime

CWE

CWE-313

Cleartext Storage in a File or on Disk

{"id": "CVE-2026-24349", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2026-24349", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "no"}, {"technicalImpact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-09T12:54:10.341457Z"}}], "cvssMetricV31": [{"type": "Secondary", "source": "productcert@siemens.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 2.5}], "cvssMetricV40": [{"type": "Secondary", "source": "productcert@siemens.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.2, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "affected": [{"source": "productcert@siemens.com", "affectedData": [{"vendor": "Siemens", "product": "SIMATIC WinCC Unified PC Runtime V16", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC WinCC Unified PC Runtime V17", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC WinCC Unified PC Runtime V18", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC WinCC Unified PC Runtime V19", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC WinCC Unified PC Runtime V20", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC WinCC Unified PC Runtime V21", "versions": [{"status": "affected", "version": "0", "lessThan": "V21 Update 2", "versionType": "custom"}], "defaultStatus": "unknown"}]}], "published": "2026-06-09T10:16:42.967", "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-063511.html", "tags": ["Mitigation", "Vendor Advisory"], "source": "productcert@siemens.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "productcert@siemens.com", "description": [{"lang": "en", "value": "CWE-313"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SIMATIC WinCC Unified PC Runtime V16 (All versions), SIMATIC WinCC Unified PC Runtime V17 (All versions), SIMATIC WinCC Unified PC Runtime V18 (All versions), SIMATIC WinCC Unified PC Runtime V19 (All versions), SIMATIC WinCC Unified PC Runtime V20 (All versions), SIMATIC WinCC Unified PC Runtime V21 (All versions < V21 Update 2). Insufficient protection of key material in WinCC Certificate Manager that could allow an attacker to extract sensitive information."}], "lastModified": "2026-06-26T13:43:48.923", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEF729E0-97B1-411A-B389-380D66DFA90D", "versionEndIncluding": "20", "versionStartIncluding": "16"}, {"criteria": "cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime:21:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4F8BBA0-A5EB-4B5D-AAA5-8BD4DAC9E892"}, {"criteria": "cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime:21:update1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CD85751-05B5-43B0-A5B5-624955D62190"}], "operator": "OR"}]}], "sourceIdentifier": "productcert@siemens.com"}