CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10934
https://notcve.org/view.php?id=CVE-2019-10934
A vulnerability has been identified in TIA Portal V14 (All versions), TIA Portal V15 (All versions < V15.1 Update 7), TIA Portal V16 (All versions < V16 Update 6), TIA Portal V17 (All versions < V17 Update 4). Changing the contents of a configuration file could allow an attacker to execute arbitrary code with SYSTEM privileges. The security vulnerability could be exploited by an attacker with a valid account and limited access rights on the system. No user interaction is required. At the time of advisory publication no public exploitation of this security vulnerability was known. • https://cert-portal.siemens.com/productcert/pdf/ssa-629512.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •