all InfoSec news
SSA-116924 V1.0: Path Traversal Vulnerability in TIA Portal
Siemens ProductCERT Security Advisories cert-portal.siemens.com
TIA Portal contains a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution.
Siemens has released an update for TIA Portal V18 and recommends to update to the latest version. Siemens is preparing further updates and recommends specific countermeasures for products where updates are not, or not yet …
arbitrary code arbitrary code execution arbitrary files attacker code code execution configuration engineering exploit file files malicious path path traversal path traversal vulnerability portal siemens ssa system tia tia portal update vulnerability