A vulnerability, which was classified as problematic, has been found in Siemens S7-PCT, Security Configuration Tool, SIMATIC Automation Tool, SIMATIC BATCH V9.1, SIMATIC NET PC Software, SIMATIC PCS, SIMATIC PDM, SIMATIC Route Control , SIMATIC STEP, SIMATIC WinCC OA, SIMATIC WinCC Runtime Advanced, SIMATIC WinCC Runtime Professional, SIMATIC WinCC Unified PC Runtime, SIMATIC WinCC , SINAMICS Startdrive, SINUMERIK ONE Virtual, SINUMERIK PLC Programming Tool, TIA Portal Cloud Connector and Totally Integrated Automation Portal. Affected by this issue is some unknown functionality. The manipulation leads to out-of-bounds read.
This vulnerability is handled as CVE-2023-46280. It is possible to launch the attack on the local host. There is no exploit available.
It is recommended to upgrade the affected component.