A vulnerability has been identified in TIA Portal V14 (All versions), TIA Portal V15 (All versions < V15.1 Update 7), TIA Portal V16 (All versions < V16 Update 6), TIA Portal V17 (All versions < V17 Update 4). Changing the contents of a configuration file could allow an attacker to execute arbitrary code with SYSTEM privileges. The security vulnerability could be exploited by an attacker with a valid account and limited access rights on the system. No user interaction is required. At the time of advisory publication no public exploitation of this security vulnerability was known.
[
{
"product": "TIA Portal V14",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "TIA Portal V15",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V15.1 Update 7"
}
]
},
{
"product": "TIA Portal V16",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V16 Update 6"
}
]
},
{
"product": "TIA Portal V17",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V17 Update 4"
}
]
}
]