Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistSiemensCVELIST:CVE-2020-25238
HistoryFeb 09, 2021 - 3:38 p.m.

CVE-2020-25238

2021-02-0915:38:18
CWE-284
siemens
www.cve.org

0.0004 Low

EPSS

Percentile

0.4%

JSON

A vulnerability has been identified in PCS neo (Administration Console) (All versions < V3.1), TIA Portal (V15, V15.1 and V16). Manipulating certain files in specific folders could allow a local attacker to execute code with SYSTEM privileges. The security vulnerability could be exploited by an attacker with a valid account and limited access rights on the system.

CNA Affected

[
  {
    "product": "PCS neo (Administration Console)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V3.1"
      }
    ]
  },
  {
    "product": "TIA Portal",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "V15, V15.1 and V16"
      }
    ]
  }
]

Related

ics 1
nvd 1
cert 1
prion 1
cve 1
ics
ics
Siemens TIA Administrator (Update A)
2021-09-14 12:00:00
nvd
nvd
CVE-2020-25238
2021-02-09 17:15:13
cert
cert
Siemens Totally Integrated Automation Portal vulnerable to privilege escalation due to Node.js paths
2021-02-09 00:00:00
prion
prion
Code injection
2021-02-09 17:15:00
cve
cve
CVE-2020-25238
2021-02-09 17:15:13

0.0004 Low

EPSS

Percentile

0.4%

JSON
Related for CVELIST:CVE-2020-25238
ics1nvd1cert1prion1cve1