Siemens TeleControl Server Basic
Plan PatchCVSS 8.8ICS-CERT ICSA-26-015-03Jan 13, 2026
Siemens
Attack path
Attack VectorLocal
Auth RequiredLow
ComplexityLow
User InteractionNone needed
Summary
TeleControl Server Basic before V3.1.2.4 contains a local privilege escalation vulnerability (CWE-250) that allows an attacker with a local user account to run arbitrary code with elevated privileges. This could result in complete compromise of the TeleControl Server and disruption of remote control operations. Siemens has released version 3.1.2.4 which addresses this issue.
What this means
What could happen
An attacker with local access to the TeleControl Server Basic could run commands with elevated privileges, potentially taking control of the server and disrupting remote control operations for substations or generation facilities.
Who's at risk
Electric utilities and water authorities using Siemens TeleControl Server Basic for remote monitoring and control of substations, generation facilities, or distribution nodes. This affects operators and engineering staff who rely on the server for SCADA communications and control operations.
How it could be exploited
An attacker with a standard user account on the TeleControl Server Basic system could exploit an insufficient privilege check to escalate their access level and execute arbitrary code with system privileges, giving them full control of the server process.
Prerequisites
- Local user account on the TeleControl Server Basic system
- Access to the affected system (< version 3.1.2.4)
local access requiredlow complexityprivilege escalation
Exploitability
Unlikely to be exploited — EPSS score 0.0%
Affected products (1)
ProductAffected VersionsFix Status
TeleControl Server Basic< 3.1.2.43.1.2.4
Remediation & Mitigation
0/1
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HOTFIXUpdate TeleControl Server Basic to version 3.1.2.4 or later
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/594136d2-b95a-42ec-b4ab-1a8ce650921eGet OT security insights every Tuesday
Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.