The remote host is running a version of Siemens SIMATIC ProSave prior to version 13 Service Pack 1. It is, therefore, affected by an arbitrary code execution vulnerability due to searching insufficiently qualified paths when loading specific files and libraries. A local attacker can exploit this with a specially crafted application file which loads before the legitimate version, resulting in the execution of arbitrary code under the privileges of the current user.
Binary data scada_siemens_simatic_prosave_SSA-451236.nbin
Vendor | Product | Version | CPE |
---|---|---|---|
siemens | simatic_prosave | cpe:/a:siemens:simatic_prosave |