Siemens Industry Online Support
Siemens AG
Entry type: Download Entry ID: 109744041, Entry date: 12/21/2016

Download Security Configuration Tool (SCT) V4.3 HF 1

  • Entry
  • Associated product(s)
The Security Configuration Tool V4.3 HF1 is now available as a download.   You can use SCT V4.3 HF1 with existing configurations.   Existing, older SCT versions can be upgraded for free.

The version is suitable for the following devices / software:

  • SCALANCE S-600

  • SCALANCE M-800


  • CP343-1 Advanced

  • CP443-1 Advanced

  • CP443-1 OPC UA

  • CP1628

  • SOFTNET Security Client

The following features were added:

Certificate manager:

  • Deletion of preinstalled, reliable certification bodies

  • Export of device certificate, private key and CA in a common *.p12


  • Source NAT (tunnel -> internal) for reactionless remote access to existing systems / networks

  • The default values of the VPN group properties are adjusted to currently recommended values

  • Warning messages which have been introduced when using non-recommended VPN group properties

  • Default fallback VPN profiles are visible in the VPN group properties and can be activated / deactivated

  • Default Road Warrior VPN profiles are visible in the VPN module properties and can be activated / deactivated

  • User-defined Road Warrior VPN profiles can be configured

The following faults have been corrected:

  • Installation

    Relevant for Win7 SP1 with .Net Framework 4.5.2

  • Migration

    Relevant for opening existing projects of previous SCT versions

  • VPN in connection with NAT in the tunnel
    Relevant for configurations: SCALANCE S Server, SCALANCE M and SCALANCE S Clients

  • VPN
    Relevant for configurations with SOFTNET Security Client, SCALANCE M

  • VPN with Perfect Forward Secrecy (PFS)
    Relevant for configurations with activated PFS in the VPN groups

  • NAT
    Relevant for configurations with double NAT

The following security fixes and improvements are included:

  • This version includes improvements regarding the configuration of VPN cipher and proposals.

  • Correction of SSA-701708: Local Privilege Escalation in Industrial Products

Security information:

This update contains safety-relevant changes which improve robustness against possible attacks. We therefore recommend you update the firmware.

Third-party software - license conditions and copyright notes

You can find the copyright information for third-party software contained in this product, particularly open source software, as well as applicable license conditions of such third-party software in the ReadMe_OSS file.

Special note for resellers

The information and the license conditions in the Readme_OSS file must be passed on to the purchasing party to avoid license infringements by the reseller or purchasing party.

Registrierung notwendig ReadMe_OSS.html (543.1 KB)

Please observe the installation notes in the product documentation.

You can download the file here.

Download unterliegt Exportcontrolle SIMATIC_NET_Security_Configuration_Tool_V4_3_0_1.exe (588.3 MB)

Note: Software is subject to export restrictions, download only for registered users

Security information
In order to protect technical infrastructures, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art IT security concept. Siemens’ products and solutions constitute one element of such a concept. For more information about cyber security, please visit