Siemens TIA Administrator Privilege Escalation (SSA-428051)

Binary data scadasiemenstiaadministratorssa-428051.nbin...

Siemens Totally Integrated Automation Portal vulnerable to privilege escalation due to Node.js paths

Overview Siemens Totally Integrated Administrator TIA fails to properly set the module search path to be used by a privileged Node.js component, which can allow an unprivileged Windows user to run arbitrary code with SYSTEM privileges. The PCS neo administration console is reported to be affected...