Primary

Context

Siemens WinCC Unified PC Runtime Key Material Protection Vulnerability

Vulnerability

Patched

A vulnerability exists in all versions of SIMATIC WinCC Unified PC Runtime from V16 to V21 (excluding V21 Update 2), due to inadequate protection of key material in the WinCC Certificate Manager. This flaw could enable an attacker to extract sensitive information.

Impact

Exploitation of this vulnerability could lead to the extraction of sensitive information by allowing access to poorly protected key material.

Remediation

Siemens has released a new version for SIMATIC WinCC Unified PC Runtime V21 and recommends updating to the latest version. For products where fixes are not yet available, Siemens advises following specific countermeasures outlined in the Siemens Security Advisory SSA-063511.

Added: Jun 9, 2026, 10:31 AM

Updated: Jun 9, 2026, 10:31 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

0.0

relevance

9.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

0.0

relevance

9.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Siemens WinCC Unified PC Runtime Key Material Protection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Siemens SIMATIC WinCC Unified PC Runtime

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating