Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

CVE-2023-26293

HIGH

Published 2023-04-11T09:03:02.235Z

Actions:

CVSS Score

V3.1

7.3

/10

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L/E:P/RL:O/RC:C

Base Score Metrics

Exploitability: N/A Impact: N/A

EPSS Score

v2023.03.01

0.001

probability

of exploitation in the wild

There is a 0.1% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-01-25

Exploit Probability

Percentile: 0.290

Higher than 29.0% of all CVEs

Attack Vector Metrics

Attack Vector

Not Available

Attack Complexity

Not Available

Privileges Required

Not Available

User Interaction

Not Available

Scope

Not Available

Impact Metrics

Confidentiality

Not Available

Integrity

Not Available

Availability

Not Available

Description

A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions < V16 Update 7), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 6), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 1). Affected products contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Totally Integrated Automation Portal (TIA Portal) V15

Affected Versions:

0

Totally Integrated Automation Portal (TIA Portal) V16

Affected Versions:

0

Totally Integrated Automation Portal (TIA Portal) V17

Affected Versions:

0

Totally Integrated Automation Portal (TIA Portal) V18

Affected Versions:

0

References

https://cert-portal.siemens.com/productcert/pdf/ssa-116924.pdf

https://cert-portal.siemens.com/productcert/html/ssa-116924.html

Published: 2023-04-11T09:03:02.235Z

Last Modified: 2024-11-25T21:18:55.576Z

Copied to clipboard!