CVE-2020-7580

Name: CVE-2020-7580
Creator: NVD / NIST
Published: 2020-06-10T17:15:12.347+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 6.7/10EPSS 0.44%

Last modified Jun 17, 2026

CVE-2020-7580 is a medium-severity vulnerability rated 6.7/10 on the CVSS scale. A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. EPSS estimates a 0.44% chance of exploitation in the next 30 days.

Description

A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges.

Metrics

CVSS 3.1

6.7/10

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

0.44%

35.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Siemens	Simatic Automatic Tool	All versions
Siemens	Simatic Net Pc	< 16
Siemens	Simatic Net Pc	16
Siemens	Simatic Pcs 7	All versions
Siemens	Simatic Pcs Neo	All versions
Siemens	Simatic Prosave	All versions
Siemens	Simatic S7-1500 Software Controller	< 21.8
Siemens	Simatic Step 7	< 5.6
Siemens	Simatic Step 7	>= 13, <= 16
Siemens	Simatic Step 7	5.6
Siemens	Simatic Wincc	< 7.4
Siemens	Simatic Wincc	7.4
Siemens	Simatic Wincc	7.5
Siemens	Simatic Wincc Open Architecture	3.16
Siemens	Simatic Wincc Open Architecture	3.17
Siemens	Simatic Wincc Runtime Advanced	All versions
Siemens	Simatic Wincc Runtime Professional	>= 13, <= 16
Siemens	Sinamics Startdrive	All versions
Siemens	Sinamics Starter Commissioning Tool	All versions
Siemens	Sinec Network Management System	All versions
Siemens	Sinema Server	All versions
Siemens	Sinumerik One Virtual	All versions
Siemens	Sinumerik Operate	All versions

References

https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdfVendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04Third Party Advisory, US Government Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdfVendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04Third Party Advisory, US Government Resource

Timeline

Published: Jun 10, 2020
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2020-7580?

How severe is CVE-2020-7580?

CVE-2020-7580 has a CVSS score of 6.7/10 (MEDIUM severity). The EPSS model estimates a 0.44% probability of exploitation in the next 30 days.

How do I fix CVE-2020-7580?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-7580?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST