March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2019-10937 – Siemens SIMATIC TDC CP51M1 Denial of Service Vulnerability
September 11, 2019Rewterz Threat Advisory – CVE-2019-10935 – Siemens SIMATIC WinCC and PCS7 Denial of Service Vulnerability
September 11, 2019Rewterz Threat Advisory – CVE-2019-10937 – Siemens SIMATIC TDC CP51M1 Denial of Service Vulnerability
September 11, 2019Rewterz Threat Advisory – CVE-2019-10935 – Siemens SIMATIC WinCC and PCS7 Denial of Service Vulnerability
September 11, 2019
Severity
High
Analysis Summary
An attacker could exploit this vulnerability in a third-party component to remotely execute code on the client computer with the same permissions as the PI SQL Client user.
Communication with a malicious PI SQL Data Access Server (RTQP Engine) is needed to expose a PI SQL client to this vulnerability.
Impact
Privilege access
Affected Vendors
OSIsoft LLC
Affected Products
PI SQL Client 2018 (PI SQL Client OLEDB 2018)
Remediation
OSIsoft recommends users upgrade to PI SQL Client 2018 R2 or later to resolve this issue.