Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2022-35868

Published: 14/02/2023 Updated: 08/02/2024
CVSS v3 Base Score: 6.7 | Impact Score: 5.9 | Exploitability Score: 0.8
VMScore: 0
Subscribe to Tia Project-server

Vulnerability Summary

A vulnerability has been identified in TIA Multiuser Server V14 (All versions), TIA Multiuser Server V15 (All versions < V15.1 Update 8), TIA Project-Server  (All versions < V1.1), TIA Project-Server V16 (All versions), TIA Project-Server V17 (All versions < V17 Update 6). Affected applications contain an untrusted search path vulnerability that could allow an malicious user to escalate privileges, when tricking a legitimate user to start the service from an attacker controlled path.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

siemens tia project-server 1.0

siemens tia multiuser server 14

siemens tia multiuser server 16

siemens tia multiuser server 15

siemens tia multiuser server 15.1

siemens tia project-server 17

ICS Advisories

Siemens TIA Project-Server formerly known as TIA Multiuser Server
Critical Infrastructure Sectors: Critical Manufacturing

References

CWE-426https://cert-portal.siemens.com/productcert/pdf/ssa-640968.pdfhttps://nvd.nist.govhttps://www.cisa.gov/uscert/ics/advisories/icsa-23-047-07
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671unauthorizedCVE-2024-4776CVE-2024-3407CVE-2024-26026CVE-2024-32888wirelessCVE-2024-4656template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook