Desigo CC deployments that use Installed Client are impacted by an information disclosure vulnerability which could result in information leak from the Desigo CC server. The other Desigo CC client options, Windows App Client and Flex Client, are not affected by this vulnerability. Siemens recommends specific countermeasures for products where fixes are not, or not yet available.
https://cert-portal.siemens.com/productcert/html/ssa-523418.html