CVE-2019-10934
Description
A vulnerability has been identified in TIA Portal V14 (All versions), TIA Portal V15 (All versions < V15.1 Update 7), TIA Portal V16 (All versions < V16 Update 6), TIA Portal V17 (All versions < V17 Update 4). Changing the contents of a configuration file could allow an attacker to execute arbitrary code with SYSTEM privileges. The security vulnerability could be exploited by an attacker with a valid account and limited access rights on the system. No user interaction is required. At the time of advisory publication no public exploitation of this security vulnerability was known.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.103
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2019-10934 are affected in Siemens Totally Integrated Automation Portal (TIA Portal) * | Windows |
| Vulnerabilities CVE-2019-10934,CVE-2020-25238,CVE-2022-27194,CVE-2023-30757 are affected in Siemens Totally Integrated Automation Portal (TIA Portal) 15.1 | Windows |
| Multiple Vulnerabilities are affected in Siemens Totally Integrated Automation Portal (TIA Portal) 16 | Windows |
| Vulnerabilities CVE-2019-10934 are affected in Siemens Totally Integrated Automation Portal (TIA Portal) 16.0 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234