Siemens Web Installer

Source: All CISA Advisories | Added:

The Siemens Web Installer has a vulnerability that allows for uncontrolled search path elements, potentially enabling attackers to execute arbitrary code during application installation. As of January 10, 2023, CISA will not update advisories for these vulnerabilities, directing users to Siemens' ProductCERT for the latest information.

---

Impact: Siemens products including Automation License Manager, SIMATIC WinCC, and various TIA Portal components.

In the Wild: Unknown

Age: Newly disclosed

Remediation: Not specified

Read Full Original Article →