OTPulse

Multiple Vulnerabilities in TIA Administrator Before V3.0.6

Recommended action: Plan Patch
CVSS base score: 7.8
Vendor advisory: SSA-573669 (Siemens)
Published: Jul 8, 2025
Attack Vector: Local
Privileges Required: Low
Attack Complexity: Low
User Interaction: None
Summary

TIA Administrator before V3.0.6 contains multiple vulnerabilities that could allow privilege escalation or arbitrary code execution, both while the application is running and during installation. They stem from improper verification of cryptographic signatures (CWE-347) and improper access control (CWE-284). An attacker with local access could exploit them to gain elevated privileges on the engineering workstation.

What this means
What could happen
An attacker with local access to a TIA Administrator workstation could escalate privileges or execute arbitrary code, potentially gaining full control of the engineering environment and the ability to modify control system configurations or deploy malicious logic to connected industrial equipment.
Who's at risk
Industrial automation engineers and operators at utilities, water systems, and manufacturing facilities using Siemens TIA (Totally Integrated Automation) Administrator on engineering workstations for programming and configuring PLCs, HMIs, and distributed control systems.
How it could be exploited
An attacker with a local user account on a TIA Administrator engineering workstation could trigger the privilege escalation flaws either while the application is running or during the installation process, obtain elevated privileges, and then execute arbitrary code to compromise the workstation and any Siemens control systems reachable from it.
Prerequisites
  • Local user account on the TIA Administrator workstation
  • TIA Administrator version prior to 3.0.6 installed
Tags: privilege escalation possible · arbitrary code execution · affects engineering workstations · affects systems managing critical infrastructure
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
Product            | Affected Versions | Fix Status
-------------------|-------------------|------------------
TIA Administrator  | < V3.0.6          | Fixed in V3.0.6
Remediation & Mitigation

Schedule: requires a maintenance window. Patching may require a device reboot, so plan for process interruption.

Hotfix: Update TIA Administrator to V3.0.6 or later.
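The prerequisite (a version prior to V3.0.6 installed) and the hotfix (update to V3.0.6 or later) can both be turned into a repeatable check on the engineering workstation. The PowerShell below is an added example, not OTPulse's or Siemens' code. It assumes the product registers a Windows uninstall entry whose DisplayName contains "TIA Administrator" and that the update installer is Authenticode-signed with a certificate whose subject contains "Siemens"; both are assumptions, and the installer path is a placeholder.

```powershell
# Added example: inventory the installed TIA Administrator version against the
# fixed version, and verify the update installer's signature before running it.
# Assumptions (not from the advisory): the uninstall DisplayName contains
# "TIA Administrator"; the installer is Authenticode-signed by a Siemens cert.

$FixedVersion = [version]'3.0.6'

function Get-TiaAdministratorInstall {
    # Walk both the 64-bit and 32-bit uninstall hives. The DisplayName match is an assumption.
    $roots = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $roots -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like '*TIA Administrator*' } |
        Select-Object DisplayName, DisplayVersion, InstallLocation
}

function Test-TiaAdministratorAffected {
    param([string]$DisplayVersion)
    # Normalise strings such as "V3.0.5" or "3.0.5.0" before comparing as System.Version.
    $clean = ($DisplayVersion -replace '^[Vv]', '').Trim()
    $parsed = $null
    if (-not [version]::TryParse($clean, [ref]$parsed)) {
        # Unparseable version string: treat as affected and inspect by hand.
        return $true
    }
    return $parsed -lt $FixedVersion
}

function Test-InstallerSignature {
    param(
        [string]$Path,
        [string]$ExpectedSubjectPattern = '*Siemens*'   # assumed signer; adjust to what you observe
    )
    # The update fixes a signature-verification flaw (CWE-347), so do not skip verifying
    # the update itself: require a valid Authenticode chain and the expected signer.
    $sig = Get-AuthenticodeSignature -FilePath $Path
    if ($sig.Status -ne 'Valid') {
        return [pscustomobject]@{ Ok = $false; Reason = "signature status is $($sig.Status)" }
    }
    if ($sig.SignerCertificate.Subject -notlike $ExpectedSubjectPattern) {
        return [pscustomobject]@{ Ok = $false; Reason = "unexpected signer $($sig.SignerCertificate.Subject)" }
    }
    return [pscustomobject]@{ Ok = $true; Reason = "signed by $($sig.SignerCertificate.Subject)" }
}

# Step 1: report whether the installed version is in the affected range.
$installs = Get-TiaAdministratorInstall
if (-not $installs) {
    Write-Output 'TIA Administrator not found in the uninstall registry; check manually.'
}
foreach ($i in $installs) {
    $affected = Test-TiaAdministratorAffected -DisplayVersion $i.DisplayVersion
    $verdict = if ($affected) { 'AFFECTED - update to V3.0.6 or later' } else { 'not affected' }
    Write-Output ('{0} {1}: {2}' -f $i.DisplayName, $i.DisplayVersion, $verdict)
}

# Step 2: verify the downloaded update before launching it (placeholder path).
$installer = 'C:\Updates\TIA_Administrator_Setup.exe'
if (Test-Path $installer) {
    $check = Test-InstallerSignature -Path $installer
    if ($check.Ok) { Write-Output "Installer OK: $($check.Reason)" }
    else { Write-Warning "Do not install: $($check.Reason)" }
}
```

Run it elevated on each engineering workstation during the maintenance window; an "AFFECTED" line means the host still needs the update, and a failed signature check means the downloaded installer must not be run until its provenance is confirmed.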