Siemens TeleControl Server Basic
Plan Patch8.8ICS-CERT ICSA-26-015-03Jan 13, 2026
Attack VectorLocal
Auth RequiredLow
ComplexityLow
User InteractionNone needed
Summary
TeleControl Server Basic before version 3.1.2.4 contains a local privilege escalation vulnerability (CWE-250) that allows an attacker with local user account access to run arbitrary code with elevated privileges. Siemens has released a fix in version 3.1.2.4 or later.
What this means
What could happen
An attacker with local access to a TeleControl Server Basic system could escalate privileges and run arbitrary code, potentially compromising the entire remote control infrastructure for SCADA networks and critical infrastructure operations.
Who's at risk
Water and electric utilities, municipal control centers, and any organization operating SCADA networks that depend on Siemens TeleControl Server Basic for remote terminal operations and supervisory control.
How it could be exploited
An attacker with a local user account on the TeleControl Server Basic system exploits a privilege escalation flaw (CWE-250) to gain elevated system privileges. Once escalated, the attacker can execute arbitrary code with administrative rights, which could be used to modify control logic, steal credentials, or disrupt remote terminal operations.
Prerequisites
- Local user account on the TeleControl Server Basic system
- Physical or remote access to a user-level shell or application interface
Local privilege escalation vulnerabilityAffects critical infrastructure control serversAllows arbitrary code execution with elevated privileges
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
ProductAffected VersionsFix Status
TeleControl Server Basic< 3.1.2.43.1.2.4
Remediation & Mitigation
0/1
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HOTFIXUpdate TeleControl Server Basic to version 3.1.2.4 or later
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/594136d2-b95a-42ec-b4ab-1a8ce650921e