Denial of Service Vulnerability in TIA Administrator
Risk: Low (score 3.3)
Advisory: SSA-319319
Published: Jun 11, 2024
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary
TIA Administrator stores temporary download files in a directory with insecure permissions, allowing authenticated local users to manipulate these files and disrupt the software update process. This affects all versions prior to V3 SP2.
What this means
What could happen
An authenticated attacker on the same Windows system could disrupt TIA Administrator's software update process, potentially delaying or preventing engineering workstations from receiving critical control system updates.
Who's at risk
Engineering teams and automation technicians who use Siemens TIA Administrator to program and maintain SIMATIC PLCs and control systems. Any organization running TIA Portal on its industrial automation engineering workstations is affected.
How it could be exploited
An attacker with local Windows access and valid credentials could manipulate temporary download files stored with weak permissions during the TIA Administrator update process, causing updates to fail or become corrupted.
Prerequisites
- Local access to the Windows system running TIA Administrator
- Valid Windows user credentials (authenticated user account)
- Ability to write to the temporary download directory
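The weakness described above is a directory whose ACL lets any local authenticated user write to it. The following PowerShell check, added here and not part of the advisory or Siemens' tooling, lists the Allow entries on a directory that grant file-tampering rights to broad principals; the advisory does not name the folder TIA Administrator uses, so the path and the principal list are assumptions to adapt to your installation.

```powershell
# Added example (not Siemens' or the advisory's own code): audit a directory's
# ACL for Allow entries that let every local authenticated user add, replace or
# delete files, the weakness class this advisory describes for TIA Administrator's
# temporary download folder. $Path and $BroadPrincipals are assumptions.
function Test-BroadWriteAccess {
    param(
        [Parameter(Mandatory)] [string] $Path,
        # Principals that include every interactive local user (assumed list).
        [string[]] $BroadPrincipals = @(
            'Everyone',
            'NT AUTHORITY\Authenticated Users',
            'BUILTIN\Users',
            'NT AUTHORITY\INTERACTIVE'
        )
    )
    if (-not (Test-Path -LiteralPath $Path -PathType Container)) {
        throw "Directory not found: $Path"
    }
    # Rights that allow tampering with the directory's contents or its ACL.
    $writeMask = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, WriteDacl, TakeOwnership'

    $acl = Get-Acl -LiteralPath $Path
    $findings = foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($BroadPrincipals -notcontains $ace.IdentityReference.Value) { continue }
        # Bitwise test: any overlap with the write mask is enough to tamper.
        # Caveat: inherited entries can carry generic rights (large numeric
        # values) that this named mask does not decode; review those manually.
        if (($ace.FileSystemRights -band $writeMask) -eq 0) { continue }
        [pscustomobject]@{
            Path      = $Path
            Principal = $ace.IdentityReference.Value
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
            AppliesTo = "$($ace.InheritanceFlags) / $($ace.PropagationFlags)"
        }
    }
    # Empty output means no broad principal can modify the folder's contents.
    return $findings
}

# Usage; the path is a placeholder, not the folder the advisory refers to.
Test-BroadWriteAccess -Path 'C:\ProgramData\EXAMPLE\TempDownloads' |
    Format-Table -AutoSize
```

Run it as an administrator on the engineering workstation before and after applying the update to confirm the download directory no longer grants write access to every local user.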
Tags:
- Affects software update mechanism
- Requires local system access
- Requires user authentication
- Low CVSS score
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product           | Affected Versions     | Fix Status
TIA Administrator | All versions < V3 SP2 | V3 SP2
Remediation & Mitigation
- Schedule — requires maintenance window
- Patching may require device reboot — plan for process interruption
HOTFIX: Update TIA Administrator to version 3 SP2 or later
CVEs (1)